Lucene search

K
nvd[email protected]NVD:CVE-2022-42097
HistoryNov 22, 2022 - 1:15 p.m.

CVE-2022-42097

2022-11-2213:15:14
CWE-79
web.nvd.nist.gov
3
backdrop cms
version 1.23.0
stored xss

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

44.3%

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via ‘Comment.’ .

Affected configurations

Nvd
Node
backdropcmsbackdropMatch1.23.0
VendorProductVersionCPE
backdropcmsbackdrop1.23.0cpe:2.3:a:backdropcms:backdrop:1.23.0:*:*:*:*:*:*:*

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

44.3%

Related for NVD:CVE-2022-42097