PRION:CVE-2022-42748
History: Nov 03, 2022 - 8:15 p.m.

Cross site scripting

2022-11-03 20:15:00
PRIOn knowledge base
www.prio-n.com
candidats vulnerability
cross site scripting
ajax.php
sortdirection
xss attacks
nvd

EPSS: 0.001 (Low)
Percentile: 40.9%

CandidATS version 3.0.0, on ‘sortDirection’ of the ‘ajax.php’ resource, allows an external attacker to steal the cookie of arbitrary users. This is possible because the application does not properly validate user input against XSS attacks.

CPE
Name | Operator | Version
candidats | eq | 3.0.0
