CVE-2022-30770

Sažetak

Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and r 8.2.x versions prior to version 8.2.18.5 or 8.2.18.2.1 are vulnerable to (XSS) vulnerability that could be exploited by an attacker to mislead an administrator and steal their credentials.

Reference

https://docs.terminalfour.com/release-notes/83/8.html
https://docs.terminalfour.com/release-notes/82/185.html
https://docs.terminalfour.com/release-notes/82/1821.html
https://bulletproofsi.com/wp-content/uploads/2022/08/Bulletproof_Vuls_Id_2022-30770.pdf
https://bulletproofsi.com/wp-content/uploads/2022/10/Bulletproof_Vuls_Id_CVE-2022-30770.pdf

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

27-10-2022 - 20:23

Objavljeno

16-05-2022 - 03:15