Lucene search

[email protected]NVD:CVE-2022-43117

HistoryNov 21, 2022 - 6:15 p.m.

CVE-2022-43117

2022-11-2118:15:21

CWE-79

[email protected]

web.nvd.nist.gov

cve-2022-43117

sourcecodester

cross-site scripting

name

username

description

site feature

mysql

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

21.9%

JSON

Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters.

Affected configurations

NVD

Node

password_storage_application_projectpassword_storage_applicationMatch1.0

References

drive.google.com/file/d/1ZmAuKMVzUpL8pt5KXQJk8IyPECoVP9xw/view?usp=sharing

github.com/RashidKhanPathan/CVE-2022-43117