Lucene search

[email protected]NVD:CVE-2022-43271

HistoryDec 22, 2022 - 2:15 a.m.

CVE-2022-43271

2022-12-2202:15:08

CWE-79

[email protected]

web.nvd.nist.gov

inhabit systems pty ltd

move crm

version 4

build 260

cross-site scripting

vulnerability

user profile component

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

23.1%

JSON

Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting (XSS) vulnerability via the User profile component.

Affected configurations

Nvd

Node

inhabitmove_crmMatch4build_260

VendorProductVersionCPE
inhabitmove_crm4cpe:2.3:a:inhabit:move_crm:4:build_260:*:*:*:*:*:*

Vendor	Product	Version	CPE
inhabit	move_crm	4	cpe:2.3:a:inhabit:move_crm:4:build_260::::::

References

github.com/SecurityWillCheck/CVE-2022-43271

inhabit.com.au/CVE-2022-43271