Lucene search
GoogleOSV:CVE-2022-35910HistoryAug 19, 2022 - 1:15 p.m.
CVE-2022-35910
2022-08-1913:15:08
Google
osv.dev
3
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.4%
In Jellyfin before 10.8, stored XSS allows theft of an admin access token.
Related
osv
osv
Incorrect Access Control and Cross Site Scripting in Jellyfin
2022-08-20 00:00:39
CVE-2022-35909
2022-08-19 13:15:08
cve
cve
CVE-2022-35909
2022-08-19 13:15:08
CVE-2022-35910
2022-08-19 13:15:08
github
github
Incorrect Access Control and Cross Site Scripting in Jellyfin
2022-08-20 00:00:39
prion
prion
Improper access control
2022-08-19 13:15:00
Cross site scripting
2022-08-19 13:15:00
nvd
nvd
CVE-2022-35909
2022-08-19 13:15:08
CVE-2022-35910
2022-08-19 13:15:08
cvelist
cvelist
CVE-2022-35909
2022-08-19 11:52:55
CVE-2022-35910
2022-08-19 11:52:33
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.4%
Related for OSV:CVE-2022-35910