Lucene search
PalantirCVELIST:CVE-2022-27894HistoryNov 04, 2022 - 12:00 a.m.
CVE-2022-27894 The Foundry Blobster service was found to have a cross-site scripting (XSS) vulnerability.
2022-11-0400:00:00
CWE-79
Palantir
www.cve.org
cve-2022-27894
foundry
blobster
xss
vulnerability
resolved
version 3.228.0
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
22.7%
The Foundry Blobster service was found to have a cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Foundry to launch attacks against other users. This vulnerability is resolved in Blobster 3.228.0.
CNA Affected
[
{
"vendor": "Palantir",
"product": "Foundry Blobster Service",
"versions": [
{
"version": "unspecified",
"lessThan": "3.227.0",
"status": "affected",
"versionType": "custom"
},
{
"version": "next of 3.207.0",
"status": "affected",
"lessThan": "unspecified",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-27894
2022-11-04 18:15:11
prion
prion
Cross site scripting
2022-11-04 18:15:00
cve
cve
CVE-2022-27894
2022-11-04 18:15:11
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
22.7%
Related for CVELIST:CVE-2022-27894