Lucene search

MitreCVELIST:CVE-2022-44724

HistoryNov 04, 2022 - 12:00 a.m.

CVE-2022-44724

2022-11-0400:00:00

mitre

www.cve.org

cve-2022-44724

cross-site scripting

stiltsoft handy macros

8.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.2%

JSON

The Handy Tip macro in Stiltsoft Handy Macros for Confluence Server/Data Center 3.x before 3.5.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.

References

stiltsoft.atlassian.net/browse/VD-3

www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-049.txt

8.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.2%

JSON

Related for CVELIST:CVE-2022-44724