Lucene search

[email protected]NVD:CVE-2022-37153

HistoryAug 24, 2022 - 1:15 p.m.

CVE-2022-37153

2022-08-2413:15:08

CWE-79

[email protected]

web.nvd.nist.gov

artica proxy

xss

vulnerability

fw.login.php

password parameter

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.016

Percentile

87.6%

JSON

An issue was discovered in Artica Proxy 4.30.000000. There is a XSS vulnerability via the password parameter in /fw.login.php.

Affected configurations

Nvd

Node

articatechartica_proxyMatch4.30.000000

VendorProductVersionCPE
articatechartica_proxy4.30.000000cpe:2.3:a:articatech:artica_proxy:4.30.000000:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
articatech	artica_proxy	4.30.000000	cpe:2.3:a:articatech:artica_proxy:4.30.000000:::::::*

References

github.com/Fjowel/CVE-2022-37153

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.016

Percentile

87.6%

JSON

Related for NVD:CVE-2022-37153

cve1 prion1 cvelist1 nuclei1 githubexploit1