2 matches found
CVE-2022-3958 Potential XSS on personal menu navigation
Cross-site Scripting XSS vulnerability in BlueSpiceUserSidebar extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users. This allows for targeted attacks...
CVE-2022-3958
The CVE-2022-3958 entry concerns a Cross-site Scripting (XSS) flaw in the BlueSpiceUserSidebar extension for BlueSpice. The vulnerability allows a user with a regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users, enabling tar...