Lucene search
HistorySep 14, 2022 - 9:15 p.m.
CVE-2022-40365
cross site scripting
ouqiang gocron
web/vue.
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
30.5%
Cross site scripting (XSS) vulnerability in ouqiang gocron through 1.5.3, allows attackers to execute arbitrary code via scope.row.hostname in web/vue/src/pages/taskLog/list.vue.
Affected configurations
Node
gocron_projectgocronRange≤1.5.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gocron_project | gocron | * | cpe:2.3:a:gocron_project:gocron:*:*:*:*:*:*:*:* |
Related
osv
osv
ouqiang gocron Cross-site scripting vulnerability
2022-09-15 00:00:17
CVE-2022-40365
2022-09-14 21:15:10
github
github
ouqiang gocron Cross-site scripting vulnerability
2022-09-15 00:00:17
veracode
veracode
Cross-site Scripting (XSS)
2022-09-15 04:47:04
prion
prion
Cross site scripting
2022-09-14 21:15:00
cvelist
cvelist
CVE-2022-40365
2022-09-14 20:06:43
cve
cve
CVE-2022-40365
2022-09-14 21:15:10
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
30.5%
Related for NVD:CVE-2022-40365