Lucene search
GoogleOSV:CVE-2022-45016HistoryNov 21, 2022 - 3:15 p.m.
CVE-2022-45016
2022-11-2115:15:12
Google
osv.dev
3
cve-2022-45016
cross-site scripting
vulnerability
search settings
wbce cms
footer field
arbitrary web scripts
html
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
32.5%
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field.
Related
cve
cve
CVE-2022-45016
2022-11-21 15:15:12
prion
prion
Cross site scripting
2022-11-21 15:15:00
cvelist
cvelist
CVE-2022-45016
2022-11-21 00:00:00
nvd
nvd
CVE-2022-45016
2022-11-21 15:15:12
cnvd
cnvd
WBCE CMS Cross-Site Scripting Vulnerability (CNVD-2022-86446)
2022-11-23 00:00:00
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
32.5%
Related for OSV:CVE-2022-45016