Lucene search
HistoryOct 17, 2022 - 9:15 p.m.
CVE-2022-40606
mitre caldera
xss
vulnerability
operations tab
debrief plugin
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
31.3%
MITRE CALDERA before 4.1.0 allows XSS in the Operations tab and/or Debrief plugin via a crafted operation name, a different vulnerability than CVE-2022-40605.
Affected configurations
Node
mitrecalderaRange<4.1.0
Related
cvelist
cvelist
CVE-2022-40606
2022-10-17 00:00:00
CVE-2022-40605
2022-10-17 00:00:00
nvd
nvd
CVE-2022-40605
2022-10-17 20:15:10
cve
cve
CVE-2022-40606
2022-10-17 21:15:10
CVE-2022-40605
2022-10-17 20:15:10
prion
prion
Design/Logic Flaw
2022-10-17 20:15:00
Design/Logic Flaw
2022-10-17 21:15:00
osv
osv
CVE-2022-40605
2022-10-17 20:15:10
CVE-2022-40606
2022-10-17 21:15:10
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
31.3%
Related for NVD:CVE-2022-40606