Lucene search
HistorySep 26, 2022 - 7:15 p.m.
CVE-2022-30003
sourcecodester online market place
cross site scripting
vulnerability
seller
product title
short description
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
30.0%
Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products containing XSS payloads in the ‘Product Title’ and ‘Short Description’ fields.
Affected configurations
Node
online_market_place_site_projectonline_market_place_siteMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| online_market_place_site_project | online_market_place_site | 1.0 | cpe:2.3:a:online_market_place_site_project:online_market_place_site:1.0:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2022-09-26 19:15:00
cve
cve
CVE-2022-30003
2022-09-26 19:15:09
zdt
zdt
Online Market Place Site 1.0 Cross Site Scripting Vulnerability
2022-09-05 00:00:00
packetstorm
packetstorm
Online Market Place Site 1.0 Cross Site Scripting
2022-09-05 00:00:00
cvelist
cvelist
CVE-2022-30003
2022-09-26 18:27:33
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
30.0%
Related for NVD:CVE-2022-30003