Lucene search

VulDBCVELIST:CVE-2022-2701

HistoryAug 08, 2022 - 12:26 p.m.

CVE-2022-2701 SourceCodester Simple E-Learning System claire_blake cross site scripting

2022-08-0812:26:10

CWE-79

VulDB

www.cve.org

cve-2022-2701

sourcecodester

simple e-learning system

claire_blake

cross site scripting

remote attack

vdb-205822

security vulnerability

CVSS3

3.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

30.0%

JSON

A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claire_blake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205822 is the identifier assigned to this vulnerability.

CNA Affected

[
  {
    "product": "Simple E-Learning System",
    "vendor": "SourceCodester",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

github.com/E1CHO/water_cve/blob/main/E-learning%20System%20personal%20data%20modification%20XSS%20vulnerability.pdf

vuldb.com/?id.205822

CVSS3

3.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

30.0%

JSON

Related for CVELIST:CVE-2022-2701