Lucene search

MitreCVELIST:CVE-2022-48192

HistoryNov 06, 2023 - 12:00 a.m.

CVE-2022-48192 Cross-site scripting vulnerability in Softing smartLink SW-HT

2023-11-0600:00:00

mitre

www.cve.org

softing smartlink

cross-site scripting

vulnerability

cve-2022-48192

application security

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.0%

JSON

Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application.

References

industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html

industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.0%

JSON

Related for CVELIST:CVE-2022-48192