CVE-2022-3546

Medium

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue…

VulDB·CWE-707·Published 2022-10-17

CVSS

4.8

EPSS

0.01

KEV

Exploits

cve.orgen

492 chars

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability.

NVDen

492 chars

NVDes

545 chars

Se ha encontrado una vulnerabilidad en SourceCodester Simple Cold Storage Management System versión 1.0, y ha sido clasificada como problemática. Este problema afecta a una funcionalidad desconocida del archivo /csms/admin/?page=user/list del componente Create User Handler. La manipulación del argumento First Name/Last Name conlleva a un ataque de tipo un cross site scripting. El ataque puede ser lanzado remotamente. La explotación ha sido divulgada al público y puede ser usada. VDB-211046 es el identificador asignado a esta vulnerabilidad

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	4.8	1.7	2.7	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
3.1	Primary	cve.org	2.4	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
3.1	Primary	cve.org	2.4	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
3.1	Secondary	NVD	2.4	0.9	1.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N