Lucene search

[email protected]NVD:CVE-2022-41441

HistoryJan 20, 2023 - 3:15 p.m.

CVE-2022-41441

2023-01-2015:15:13

CWE-79

[email protected]

web.nvd.nist.gov

reqlogic

cross-site scripting

arbitrary web scripts

html

pobatch parameter

waitduration parameter

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

52.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters.

Affected configurations

NVD

Node

reqlogicreqlogicMatch11.3

References

packetstormsecurity.com/files/171557/ReQlogic-11.3-Cross-Site-Scripting.html

reqlogic.com

okankurtulus.com.tr/2023/01/17/reqlogic-v11-3-unauthenticated-reflected-cross-site-scripting-xss/

reqlogic.com/

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

52.9%

JSON

Related for NVD:CVE-2022-41441

prion1 cve1 nuclei1 packetstorm1 zdt1 cvelist1