Lucene search
MitreCVE-2022-32118HistoryJul 15, 2022 - 12:15 p.m.
CVE-2022-32118
2022-07-1512:15:08
CWE-79
mitre
web.nvd.nist.gov
40
3
cve-2022-32118
arox school erp pro
xss vulnerability
dispatchcategory parameter
nvd
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
36.9%
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php.
Affected configurations
Node
aroxschool_erp_proMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| arox | school_erp_pro | 1.0 | cpe:2.3:a:arox:school_erp_pro:1.0:*:*:*:*:*:*:* |
Social References
More
Related
prion
prion
Cross site scripting
2022-07-15 12:15:00
cvelist
cvelist
CVE-2022-32118
2022-07-15 11:13:25
nvd
nvd
CVE-2022-32118
2022-07-15 12:15:08
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
36.9%
Related for CVE-2022-32118