Lucene search

GoogleOSV:CVE-2022-43696

HistoryApr 15, 2023 - 2:15 a.m.

CVE-2022-43696

2023-04-1502:15:07

Google

osv.dev

cve-2022-43696

ox app suite

xss

upsell ads

software

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

43.8%

JSON

OX App Suite before 7.10.6-rev20 allows XSS via upsell ads.

CPENameOperatorVersion
appsuite-frontendeq7.4.2-26
appsuite-frontendeq7.2.2-1
appsuite-frontendeq7.0.1-2
appsuite-frontendeq7.0.1-6
appsuite-frontendeq7.2.2-7
appsuite-frontendeq7.2.0-4
appsuite-frontendeq7.4.2-28
appsuite-frontendeq7.10.5-2
appsuite-frontendeq7.6.2-7
appsuite-frontendeq7.2.2-9

Name	Operator	Version
appsuite-frontend	eq	7.4.2-26
appsuite-frontend	eq	7.2.2-1
appsuite-frontend	eq	7.0.1-2
appsuite-frontend	eq	7.0.1-6
appsuite-frontend	eq	7.2.2-7
appsuite-frontend	eq	7.2.0-4
appsuite-frontend	eq	7.4.2-28
appsuite-frontend	eq	7.10.5-2
appsuite-frontend	eq	7.6.2-7
appsuite-frontend	eq	7.2.2-9

Rows per page:

1-10 of 2391

References

open-xchange.com

seclists.org/fulldisclosure/2023/Feb/3

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

43.8%

JSON

Related for OSV:CVE-2022-43696