CVE-2022-1167

Sažetak

There are unauthenticated reflected Cross-Site Scripting (XSS) vulnerabilities in CareerUp Careerup WordPress theme before 2.3.1, via the filter parameters.

Reference

https://themeforest.net/item/careerup-job-board-wordpress-theme/24002090
https://wpscan.com/vulnerability/a30a1430-c474-4cd1-877c-35c4ab624170
https://m0ze.ru/vulnerability/%5B2020-06-17%5D-%5BWordPress%5D-%5BCWE-79%5D-CareerUp-WordPress-Theme-v2.3.0.txt

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

07-11-2023 - 03:41

Objavljeno

04-04-2022 - 16:15