Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:5 a.m.14 views

CVE-2022-25256

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...

6.1CVSS6AI score0.01154EPSS
Exploits0References1
OSV
OSV
added 2022/02/19 1:15 a.m.10 views

CVE-2022-25256

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...

6.1CVSS5.5AI score0.01154EPSS
Exploits0References3
NVD
NVD
added 2022/02/19 1:15 a.m.19 views

CVE-2022-25256

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...

6.1CVSS0.01154EPSS
Exploits0References3
Prion
Prion
added 2022/02/19 1:15 a.m.13 views

Cross site scripting

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...

4.3CVSS5.9AI score0.01154EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/02/19 12:17 a.m.25 views

CVE-2022-25256

SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfsrequestbacklabellist and saspfsrequestbackurllist. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing...

6.1AI score0.01154EPSS
Exploits0References3
CVE
CVE
added 2022/02/19 12:17 a.m.98 views

CVE-2022-25256

CVE-2022-25256 affects SAS Web Report Studio 4.4. The flaw is an XSS in /SASWebReportStudio/logonAndRender.do mediated by two parameters, saspfs_request_backlabel_list and saspfs_request_backurl_list. The second parameter can route to a malicious page and can execute JavaScript via a javascript: ...

6.1CVSS5.9AI score0.01154EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/02/19 12:0 a.m.6 views

Sas Institute Sas Web Report Studio 跨站脚本漏洞

Sas Institute Sas Web Report Studio is a web application from Sas Institute, Inc. It is used to view, interact with, create, and distribute public and private reports. A cross-site scripting vulnerability exists in Sas Institute Sas Web Report Studio, which stems from Do having two parameters:...

6.1CVSS5.9AI score0.01154EPSS
Exploits0References5
Rows per page
Query Builder