← volver
CVE-2022-2094

Yellow Yard Searchbar < 2.8.2 - Reflected Cross-Site Scripting

CVSS 6.1 MEDIUMEPSS 0.5%
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.1EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
08 feb 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escape some URL parameters before outputting them back to the user, leading to Reflected Cross-Site Scripting
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N