Lucene search
MitreCVE-2022-34834HistoryOct 27, 2023 - 9:15 p.m.
CVE-2022-34834
2023-10-2721:15:08
CWE-79
mitre
web.nvd.nist.gov
30
cve-2022-34834
vermeg
agilereporter
xss
privilege escalation
nvd
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
5
Confidence
High
EPSS
0.001
Percentile
20.8%
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log.
Affected configurations
Node
vermegagile_reporterMatch21.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vermeg | agile_reporter | 21.3 | cpe:2.3:a:vermeg:agile_reporter:21.3:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2022-34834
2023-10-27 21:15:08
prion
prion
Cross site scripting
2023-10-27 21:15:00
cvelist
cvelist
CVE-2022-34834
2023-10-27 00:00:00
vulnrichment
vulnrichment
CVE-2022-34834
2023-10-27 00:00:00
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
5
Confidence
High
EPSS
0.001
Percentile
20.8%
Related for CVE-2022-34834