Lucene search

[email protected]NVD:CVE-2022-4738

HistoryDec 25, 2022 - 8:15 p.m.

CVE-2022-4738

2022-12-2520:15:25

CWE-79

[email protected]

web.nvd.nist.gov

vulnerability

sourcecodester

blood bank management system

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

26.7%

JSON

A vulnerability classified as problematic has been found in SourceCodester Blood Bank Management System 1.0. Affected is an unknown function of the file index.php?page=users of the component User Registration Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-216774 is the identifier assigned to this vulnerability.

Affected configurations

Nvd

Node

blood_bank_management_system_projectblood_bank_management_systemMatch1.0

VendorProductVersionCPE
blood_bank_management_system_projectblood_bank_management_system1.0cpe:2.3:a:blood_bank_management_system_project:blood_bank_management_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
blood_bank_management_system_project	blood_bank_management_system	1.0	cpe:2.3:a:blood_bank_management_system_project:blood_bank_management_system:1.0:::::::*

References

vuldb.com/?ctiid.216774

vuldb.com/?id.216774

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

26.7%

JSON

Related for NVD:CVE-2022-4738

prion1 cvelist1 cve1