Lucene search
MitreCVE-2022-42992HistoryOct 27, 2022 - 12:15 p.m.
CVE-2022-42992
2022-10-2712:15:10
CWE-79
mitre
web.nvd.nist.gov
36
6
cve-2022-42992
train scheduler app
xss
security vulnerabilities
web application
nvd
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
28.1%
Multiple stored cross-site scripting (XSS) vulnerabilities in Train Scheduler App v1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Train Code, Train Name, and Destination text fields.
Affected configurations
Node
train_scheduler_app_projecttrain_scheduler_appMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| train_scheduler_app_project | train_scheduler_app | 1.0 | cpe:2.3:a:train_scheduler_app_project:train_scheduler_app:1.0:*:*:*:*:*:*:* |
References
Social References
More
Related
prion
prion
Cross site scripting
2022-10-27 12:15:00
nvd
nvd
CVE-2022-42992
2022-10-27 12:15:10
cvelist
cvelist
CVE-2022-42992
2022-10-27 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
28.1%
Related for CVE-2022-42992