Lucene search
MitreCVE-2022-45016HistoryNov 21, 2022 - 3:15 p.m.
CVE-2022-45016
2022-11-2115:15:12
CWE-79
mitre
web.nvd.nist.gov
33
6
cve-2022-45016
xss
vulnerability
wbce cms
search settings
web scripts
html
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
32.5%
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field.
Affected configurations
Node
wbcewbce_cmsRange≤1.5.4
Social References
More
Related
prion
prion
Cross site scripting
2022-11-21 15:15:00
cnvd
cnvd
WBCE CMS Cross-Site Scripting Vulnerability (CNVD-2022-86446)
2022-11-23 00:00:00
osv
osv
CVE-2022-45016
2022-11-21 15:15:12
cvelist
cvelist
CVE-2022-45016
2022-11-21 00:00:00
nvd
nvd
CVE-2022-45016
2022-11-21 15:15:12
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
32.5%
Related for CVE-2022-45016