Lucene search

[email protected]CVE-2022-2266

HistorySep 22, 2022 - 9:15 a.m.

CVE-2022-2266

2022-09-2209:15:09

CWE-79

[email protected]

web.nvd.nist.gov

cve-2022-2266

university library automation system

yordam bilgi teknolojileri

xss vulnerability

nvd

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

31.5%

JSON

University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2

Affected configurations

NVD

Node

yordamlibrary_automation_systemRange<19.2

CPENameOperatorVersion
yordam:library_automation_systemyordam library automation systemlt19.2

CPE	Name	Operator	Version
yordam:library_automation_system	yordam library automation system	lt	19.2

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Yordam Bilgi Teknolojileri",
    "vendor": "Yordam Bilgi Teknolojileri",
    "versions": [
      {
        "lessThan": "19.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-22-0637

Social References

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

31.5%

JSON

Related for CVE-2022-2266

prion1 cvelist1 nvd1