3 matches found
CVE-2022-4586
Opencaching Deutschland oc-server3 contains a cross-site scripting vulnerability in the Cachelist Handler, specifically in htdocs/templates2/ocstyle/cachelists.tpl. Manipulation of the name_filter/by_filter arguments enables remote execution of scripts. The CVE entry notes that the attack can be ...
CVE-2022-4585
Opencaching Deutschland oc-server3’s Cookie Handler contains a cross-site scripting (XSS) flaw in an unknown part of htdocs/templates2/ocstyle/start.tpl triggered by manipulating the usercountryCode parameter. The issue is exploitable remotely. A patch is available: c720f2777a452186c67ef30db3679d...
CVE-2022-4587
Summary of CVE-2022-4587 (Opencaching Deutschland oc-server3) Affected software: Opencaching Deutschland oc-server3, specifically the Login Page component (htdocs/templates2/ocstyle/login.tpl). Vulnerability: Cross-site scripting (XSS) via manipulation of the argument username. The issue may be t...