6 matches found
CVE-2022-42000
Cross-site Scripting XSS vulnerability in BlueSpiceSocialProfile extension of BlueSpice allows user with comment permissions to inject arbitrary HTML into the comment section of a wikipage...
Cross site scripting
Cross-site Scripting XSS vulnerability in BlueSpiceSocialProfile extension of BlueSpice allows user with comment permissions to inject arbitrary HTML into the comment section of a wikipage...
CVE-2022-42000 Potential XSS in comment section
Cross-site Scripting XSS vulnerability in BlueSpiceSocialProfile extension of BlueSpice allows user with comment permissions to inject arbitrary HTML into the comment section of a wikipage...
CVE-2022-42000 Potential XSS in comment section
Cross-site Scripting XSS vulnerability in BlueSpiceSocialProfile extension of BlueSpice allows user with comment permissions to inject arbitrary HTML into the comment section of a wikipage...
CVE-2022-42000
CVE-2022-42000 describes a Cross-site Scripting (XSS) vulnerability in the BlueSpiceSocialProfile extension of BlueSpice. A user with comment permissions can inject arbitrary HTML into the comment section of a wiki page, with the impact described as low confidentiality and integrity (availability...
PT-2022-26205 · Unknown +1 · Bluespicesocialprofile +1
Name of the Vulnerable Software and Affected Versions: BlueSpice affected versions not specified Description: The issue allows a user with comment permissions to inject arbitrary HTML into the comment section of a wikipage, which can lead to Cross-site Scripting XSS. This occurs in the...