CVE-2022-3587

SourceCodester Simple Cold Storage Management System My Account cross site scripting

CVSS 3.5 LOWEPSS 0.5%CWE-707

Vexday Risk Score

8Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 3.5EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

18 oct 2022Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component My Account. The manipulation of the argument First Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211201 was assigned to this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Productos afectados

SourceCodester · Simple Cold Storage Management System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/rsrahulsingh05/POC/blob/main/Stored%20XSS https://vuldb.com/?id.211201