Lucene search
+L

4 matches found

nvd
nvd
added 2022/02/19 1:15 a.m.20 views

CVE-2022-25256

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...

6.1CVSS0.01172EPSS
Exploits0References3
attackerkb
attackerkb
added 2022/02/19 1:15 a.m.3 views

CVE-2022-25256

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...

6.1CVSS6.4AI score0.01172EPSS
Exploits0References4
cve
cve
added 2022/02/19 12:17 a.m.98 views

CVE-2022-25256

CVE-2022-25256 affects SAS Web Report Studio 4.4. The flaw is an XSS in /SASWebReportStudio/logonAndRender.do mediated by two parameters, saspfs_request_backlabel_list and saspfs_request_backurl_list. The second parameter can route to a malicious page and can execute JavaScript via a javascript: ...

6.1CVSS5.9AI score0.01172EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2022/02/19 12:17 a.m.29 views

CVE-2022-25256

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...

6.1AI score0.01172EPSS
Exploits0References3
Rows per page
Query Builder