XSS in Firmanet Software and Technology Customer Relation Manager
CVE-2022-23791

6.1MEDIUM

Key Information:

Vendor: Firmanet Software And Technology
Status: Customer Relation Manager
Vendor: CVE Published:; 14 March 2023

🔔 Create Firmanet Software And Technology Vulnerability Alert

What is CVE-2022-23791?

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting (XSS).This issue affects Customer Relation Manager: before 2022.03.13.

Affected Version(s)

Customer Relation Manager 0 < 2022.03.13

References

https://www.usom.gov.tr/bildirim/tr-23-0145

government-resource

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 14, 2023
Vulnerability Reserved
Jan 20, 2022

Credit

Bugra TURKOGLU