History: Jul 26, 2022 - 6:15 a.m.

CVE-2022-30706

2022-07-26 06:15:07
CWE-601
jpcert
web.nvd.nist.gov
Tags: cve, security, vulnerability, booked, open redirect, phishing, nvd

CVSS3: 6.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS: 0.001
Percentile: 46.5%

An open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having the user access a specially crafted URL.

Affected configurations

Node: twinkletoessoftware booked, Range <3.3.0

Vendor | Product | Version | CPE
twinkletoessoftware | booked | * | cpe:2.3:a:twinkletoessoftware:booked:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Booked",
    "vendor": "Twinkle Toes Software",
    "versions": [
      {
        "status": "affected",
        "version": "versions prior to 3.3"
      }
    ]
  }
]
