Lucene search

K
cvelist@huntrdevCVELIST:CVE-2022-2729
HistoryAug 09, 2022 - 11:55 a.m.

CVE-2022-2729 Cross-site Scripting (XSS) - DOM in openemr/openemr

2022-08-0911:55:25
CWE-79
@huntrdev
www.cve.org
1
cve
cross-site scripting
dom
openemr
github
repository

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.004

Percentile

73.3%

Cross-site Scripting (XSS) - DOM in GitHub repository openemr/openemr prior to 7.0.0.1.

CNA Affected

[
  {
    "product": "openemr/openemr",
    "vendor": "openemr",
    "versions": [
      {
        "lessThan": "7.0.0.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.004

Percentile

73.3%

Related for CVELIST:CVE-2022-2729