Lucene search

VulDBCVE-2022-3587

HistoryOct 18, 2022 - 1:15 p.m.

CVE-2022-3587

2022-10-1813:15:10

CWE-707

CWE-79

VulDB

web.nvd.nist.gov

sourcecodester

cold storage

management system

xss

cross-site scripting

vulnerability

nvd

cve-2022-3587

vdb-211201

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

21.4%

JSON

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component My Account. The manipulation of the argument First Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211201 was assigned to this vulnerability.

Affected configurations

Nvd

Vulners

Node

oretnom23simple_cold_storage_management_systemMatch1.0

VendorProductVersionCPE
oretnom23simple_cold_storage_management_system1.0cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oretnom23	simple_cold_storage_management_system	1.0	cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:::::::*

CNA Affected

[
  {
    "vendor": "SourceCodester",
    "product": "Simple Cold Storage Management System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]

References

github.com/rsrahulsingh05/POC/blob/main/Stored%20XSS

vuldb.com/?id.211201

Social References