CVE-2022-45020

2022-12-0500:00:00

mitre

www.cve.org

rukovoditel v3.2.1

dom-based xss

get request

denial of service

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.1%

JSON

Rukovoditel v3.2.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in the component /rukovoditel/index.php?module=users/login. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.