CVE-2022-3958 - CERT CVE
ID CVE-2022-3958
Sažetak Cross-site Scripting (XSS) vulnerability in BlueSpiceUserSidebar extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users. This allows for targeted attacks.
Reference
CVSS
Base: 5.4
Impact: 2.7
Exploitability:2.3
Pristup
VektorSloženostAutentikacija
NETWORK LOW -
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Zadnje važnije ažuriranje 16-11-2022 - 19:43
Objavljeno 15-11-2022 - 15:15