Lucene search

VulDBCVE-2022-3497

HistoryOct 14, 2022 - 7:15 a.m.

CVE-2022-3497

2022-10-1407:15:09

CWE-707

CWE-79

VulDB

web.nvd.nist.gov

cve-2022-3497

vulnerability

sourcecodester

hrms

1.0

remote

cross site scripting

master list

vdb-210786

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

22.7%

JSON

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been classified as problematic. Affected is an unknown function of the component Master List. The manipulation of the argument city/state/country/position leads to cross site scripting. It is possible to launch the attack remotely. VDB-210786 is the identifier assigned to this vulnerability.

Affected configurations

Nvd

Vulners

Node

oretnom23human_resource_management_systemMatch1.0

VendorProductVersionCPE
oretnom23human_resource_management_system1.0cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oretnom23	human_resource_management_system	1.0	cpe:2.3:a:oretnom23:human_resource_management_system:1.0:::::::*

CNA Affected

[
  {
    "vendor": "SourceCodester",
    "product": "Human Resource Management System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]

References

vuldb.com/?id.210786

Social References