3 matches found
CVE-2022-38089
Stored cross-site scripting vulnerability in Exment PHP8 exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, PHP7 exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier allows a remote authenticated attacker to inject an arbitrary script...
CVE-2022-38089
CVE-2022-38089 describes a stored cross-site scripting (XSS) vulnerability in Exment and the exceedone/laravel-admin integration. The issue affects PHP8: exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier; PHP7: exceedone/exment v4.4.2 and earlier and exceedone/lar...
JVN#46239102: Multiple vulnerabilities in Exment
Exment provided by Kajitori Co.,Ltd contains multiple vulnerabilities listed below. Reflected cross-site scripting CWE-79 - CVE-2022-38080 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:H/Au:S/C:N/I:P/A:N| Base Score: 2.1...