Lucene search
HistoryOct 27, 2022 - 9:15 p.m.
CVE-2022-41702
affected product
cross-site scripting vulnerability
insertreg api
software version prior to v1.9.01.002
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
22.9%
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the InsertReg API.
Affected configurations
Node
deltawwdiaenergieRange<1.9.01.002
Related
cve
cve
CVE-2022-41702
2022-10-27 21:15:16
prion
prion
Cross site scripting
2022-10-27 21:15:00
cvelist
cvelist
CVE-2022-41702 Delta Electronics DIAEnergie
2022-10-25 00:00:00
ics
ics
Delta Electronics DIAEnergie (Update B)
2023-02-16 12:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
22.9%
Related for NVD:CVE-2022-41702