CVE-2022-28959 - CERT CVE

  1. CVE-2022-28959

ID CVE-2022-28959
Sažetak Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allows attackers to execute arbitrary web scripts or HTML.
Reference
CVSS
Base: 4.3
Impact: 2.9
Exploitability:8.6
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:M/Au:N/C:N/I:P/A:N
Zadnje važnije ažuriranje 26-05-2022 - 04:55
Objavljeno 19-05-2022 - 21:15