cvelist @huntrdev CVELIST:CVE-2022-1571
History: May 04, 2022 - 10:20 a.m.

CVE-2022-1571 Cross-site scripting - Reflected in Create Subaccount in neorazorx/facturascripts

2022-05-04 10:20:09
CWE-79
@huntrdev
www.cve.org
cross-site scripting
reflected
neorazorx/facturascripts
github
vulnerability
javascript
http request
cookie
security

CVSS3: 9.9

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: LOW
Availability Impact: LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

EPSS: 0.001
Percentile: 30.0%

Cross-site scripting - Reflected in Create Subaccount in GitHub repository neorazorx/facturascripts prior to 2022.07. This vulnerability allows arbitrary JavaScript code to be executed to steal a user's cookie, perform HTTP requests, get the content of same-origin pages, etc.

CNA Affected

[
  {
    "product": "neorazorx/facturascripts",
    "vendor": "neorazorx",
    "versions": [
      {
        "lessThan": "2022.07",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]
