Lucene search
MitreCVE-2022-42236HistoryOct 11, 2022 - 6:15 p.m.
CVE-2022-42236
2022-10-1118:15:11
CWE-79
mitre
web.nvd.nist.gov
24
2
cve-2022-42236
stored xss
merchandise online store
arbitrary javascript
injection
nvd
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
22.7%
A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form.
Affected configurations
Node
merchandise_online_store_projectmerchandise_online_storeMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| merchandise_online_store_project | merchandise_online_store | 1.0 | cpe:2.3:a:merchandise_online_store_project:merchandise_online_store:1.0:*:*:*:*:*:*:* |
Social References
More
Related
cvelist
cvelist
CVE-2022-42236
2022-10-11 00:00:00
prion
prion
Cross site scripting
2022-10-11 18:15:00
nvd
nvd
CVE-2022-42236
2022-10-11 18:15:11
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
22.7%
Related for CVE-2022-42236