Lucene search

K
cve[email protected]CVE-2024-22302
HistoryJan 31, 2024 - 5:15 p.m.

CVE-2024-22302

2024-01-3117:15:34
CWE-79
web.nvd.nist.gov
22
cve-2024-22302
ignazio scimone
albo pretorio on line
cross-site scripting
stored xss
nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.9%

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Ignazio Scimone Albo Pretorio On line allows Stored XSS.This issue affects Albo Pretorio On line: from n/a through 4.6.6.

Affected configurations

Vulners
NVD
Node
ignazio_scimonealbo_pretorio_on_lineRange4.6.6

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "albo-pretorio-on-line",
    "product": "Albo Pretorio On line",
    "vendor": "Ignazio Scimone",
    "versions": [
      {
        "lessThanOrEqual": "4.6.6",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.9%