Stored XSS in SmarterTrack v100.0.8019.14010
CVE-2022-24386

8.8HIGH

Key Information:

Vendor: Smartertools
Status: Smartertrack
Vendor: CVE Published:; 14 March 2022

What is CVE-2022-24386?

Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.

Affected Version(s)

SmarterTrack 100.x

References

https://csirt.divd.nl/DIVD-2021-00029

x_refsource_CONFIRMrelated

https://csirt.divd.nl/CVE-2022-24386

x_refsource_CONFIRMthird-party-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 14, 2022
Vulnerability Reserved
Feb 3, 2022

Credit

Discovered by Wietse Boonstra of DIVD

.