Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:30 a.m.7 views

CVE-2022-48612

A Universal Cross Site Scripting UXSS vulnerability in ClassLink OneClick Extension through 10.7 allows remote attackers to inject JavaScript into any webpage, because a regular expression validating whether a URL is controlled by ClassLink is not present in all applicable places...

6.1CVSS6.1AI score0.00434EPSS
Exploits1References1
NVD
NVD
added 2024/01/23 6:15 p.m.21 views

CVE-2023-45889

A Universal Cross Site Scripting UXSS vulnerability in ClassLink OneClick Extension through 10.8 allows remote attackers to inject JavaScript into any webpage. NOTE: this issue exists because of an incomplete fix for CVE-2022-48612...

6.1CVSS6.2AI score0.00446EPSS
Exploits1References2
Prion
Prion
added 2024/01/23 6:15 p.m.19 views

Cross site scripting

A Universal Cross Site Scripting UXSS vulnerability in ClassLink OneClick Extension through 10.8 allows remote attackers to inject JavaScript into any webpage. NOTE: this issue exists because of an incomplete fix for CVE-2022-48612...

5.8CVSS6.9AI score0.00446EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2023/10/16 12:0 a.m.67 views

CVE-2022-48612

CVE-2022-48612 describes a Universal Cross Site Scripting (UXSS) weakness in ClassLink OneClick Extension up to version 10.7, enabling remote JavaScript injection by exploiting missing URL-control regexes in multiple code paths. Connected documents extend the impact to 10.8 (CVE-2023-45889) and i...

6.1CVSS6.1AI score0.00434EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder