4 matches found
CVE-2022-44012
An issue was discovered in /DS/LMAPI/api/SelectionService/InsertQueryWithActiveRelationsReturnId in Simmeth Lieferantenmanager before 5.6. An attacker can execute JavaScript code in the browser of the victim if a site is loaded. The victim's encrypted password can be stolen and most likely be...
CVE-2022-44012
creationtimestamp| type| source ---|---|--- 2022-12-25 09:49:50+00:00| seen| https://t.me/cibsecurity/55305...
CVE-2022-44012
An issue was discovered in /DS/LMAPI/api/SelectionService/InsertQueryWithActiveRelationsReturnId in Simmeth Lieferantenmanager before 5.6. An attacker can execute JavaScript code in the browser of the victim if a site is loaded. The victim's encrypted password can be stolen and most likely be...
CVE-2022-44012
CVE-2022-44012 affects Simmeth Lieferantenmanager (pre-5.6). An issue in the /DS/LM_API/api/SelectionService/InsertQueryWithActiveRelationsReturnId endpoint enables cross-site scripting, allowing an attacker to run JavaScript in a victim’s browser and potentially access the victim’s encrypted pas...