Cross-site Scripting (XSS) - Generic in neorazorx/facturascripts
CVE-2022-1988

6.5MEDIUM

Key Information:

Vendor

Neorazorx

Status
Neorazorx/facturascripts
Vendor
CVE Published:
3 June 2022

What is CVE-2022-1988?

Cross-site Scripting (XSS) - Generic in GitHub repository neorazorx/facturascripts prior to 2022.09.

Affected Version(s)

neorazorx/facturascripts < 2022.09

References

https://huntr.dev/bounties/7882a35a-b27e-4d7e-9fcc-e9e009...
x_refsource_CONFIRM
https://github.com/neorazorx/facturascripts/commit/93fc65...
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

CVSS V3.0

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.