2 matches found
CVE-2022-30460
Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting XSS via /sns/classes/Users.php?f=save, firstname...
CVE-2022-30460
CVE-2022-30460 affects Simple Social Networking Site v1.0. A stored XSS flaw arises in the /sns/classes/Users.php?f=save endpoint via the firstname parameter. The CNNVD entry explicitly calls it stored XSS; CVSS metrics (NVD) show base scores of 3.5 (v2.0) / 5.4 (v3.1), indicating a low to medium...