Lucene search
HistoryJul 17, 2022 - 11:15 p.m.
CVE-2022-30982
gentics cms
stored xss
profile description
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
24.8%
An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username.
Affected configurations
Node
genticsgentics_cmsRange<5.43.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gentics | gentics_cms | * | cpe:2.3:a:gentics:gentics_cms:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2022-07-17 23:15:00
cve
cve
CVE-2022-30982
2022-07-17 23:15:08
cvelist
cvelist
CVE-2022-30982
2022-07-17 22:26:38
zdt
zdt
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization Vulnerability
2022-06-21 00:00:00
packetstorm
packetstorm
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
2022-06-20 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
24.8%
Related for NVD:CVE-2022-30982