CVE-2022-1076

Automatic Question Paper Generator System My Account Page login.php cross site scripting

CVSS 4.3 MEDIUMEPSS 0.5%CWE-79

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 4.3EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

29 Mar 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability was found in Automatic Question Paper Generator System 1.0. It has been classified as problematic. This affects the file /aqpg/users/login.php of the component My Account Page. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to initiate the attack remotely.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

unspecified · Automatic Question Paper Generator System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://vuldb.com/?id.194847