LinZhaoguan pb-cms IpUtil.getIpAddr cross site scripting
CVE-2022-4353

3.5LOW

Key Information:

Vendor: Linzhaoguan
Status: Pb-cms
Vendor: CVE Published:; 8 December 2022

🔔 Create Linzhaoguan Vulnerability Alert

What is CVE-2022-4353?

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215113 was assigned to this vulnerability.

Affected Version(s)

pb-cms 2.0

References

https://gitee.com/LinZhaoguan/pb-cms/issues/I52422

https://vuldb.com/?id.215113

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 8, 2022
Vulnerability Reserved
Dec 8, 2022