← Zuruck zu CVEs
CVE-2022-40778
MEDIUM5.4
Beschreibung
A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response.
CVE Details
CVSS v3.1 Bewertung5.4
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionREQUIRED
Veroffentlicht9/19/2022
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
opswat:metadefender
Schwachen (CWE)
CWE-79
Referenzen
https://docs.opswat.com/mdicap/release-notes(cve@mitre.org)
https://www.opswat.com/products/metadefender/icap(cve@mitre.org)
https://docs.opswat.com/mdicap/release-notes(af854a3a-2127-422b-91ae-364da2661108)
https://www.opswat.com/products/metadefender/icap(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.