Lucene search
HistoryNov 21, 2022 - 3:15 p.m.
CVE-2022-45017
cross-site scripting
vulnerability
web scripts
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
26.4%
A cross-site scripting (XSS) vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field.
Affected configurations
Node
wbcewbce_cmsRange≤1.5.4
Related
cvelist
cvelist
CVE-2022-45017
2022-11-21 00:00:00
cve
cve
CVE-2022-45017
2022-11-21 15:15:12
osv
osv
CVE-2022-45017
2022-11-21 15:15:12
prion
prion
Cross site scripting
2022-11-21 15:15:00
cnvd
cnvd
WBCE CMS Cross-Site Scripting Vulnerability
2022-11-23 00:00:00
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
26.4%
Related for NVD:CVE-2022-45017