Lucene search
JpcertCVE-2022-41993HistoryDec 19, 2022 - 3:15 a.m.
CVE-2022-41993
2022-12-1903:15:10
CWE-79
jpcert
web.nvd.nist.gov
26
cve-2022-41993
cross-site scripting
denshi nyusatsu core system
security vulnerability
remote unauthenticated attack
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
50.1%
Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.
Affected configurations
Node
jacicelectronic_bidding_core_systemRange<6
ORjacicelectronic_bidding_core_systemMatch6-
ORjacicelectronic_bidding_core_systemMatch6r4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| jacic | electronic_bidding_core_system | * | cpe:2.3:a:jacic:electronic_bidding_core_system:*:*:*:*:*:*:*:* |
| jacic | electronic_bidding_core_system | 6 | cpe:2.3:a:jacic:electronic_bidding_core_system:6:-:*:*:*:*:*:* |
| jacic | electronic_bidding_core_system | 6 | cpe:2.3:a:jacic:electronic_bidding_core_system:6:r4:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Japan Construction Information Center",
"product": "DENSHI NYUSATSU CORE SYSTEM",
"versions": [
{
"version": "v6 R4 and earlier",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2022-41993
2022-12-19 00:00:00
prion
prion
Cross site scripting
2022-12-19 03:15:00
nvd
nvd
CVE-2022-41993
2022-12-19 03:15:10
jvn
jvn
JVN#96321933: Multiple vulnerabilities in DENSHI NYUSATSU CORE SYSTEM
2022-12-15 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
50.1%
Related for CVE-2022-41993