Lucene search

MitreCVE-2022-32318

HistoryJul 14, 2022 - 8:15 p.m.

CVE-2022-32318

2022-07-1420:15:08

CWE-79

mitre

web.nvd.nist.gov

cve-2022-32318

fast food ordering system

xss vulnerability

nvd

security

information security

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

21.9%

JSON

Fast Food Ordering System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the component /ffos/classes/Master.php?f=save_category.

Affected configurations

Nvd

Node

fast_food_ordering_system_projectfast_food_ordering_systemMatch1.0

VendorProductVersionCPE
fast_food_ordering_system_projectfast_food_ordering_system1.0cpe:2.3:a:fast_food_ordering_system_project:fast_food_ordering_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fast_food_ordering_system_project	fast_food_ordering_system	1.0	cpe:2.3:a:fast_food_ordering_system_project:fast_food_ordering_system:1.0:::::::*

References

packetstormsecurity.com/files/167309/Fast-Food-Ordering-System-1.0-Cross-Site-Scripting.html

Social References

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

21.9%

JSON

Related for CVE-2022-32318