CVE-2022-29887 β€” Cross-site Scripting in Intel Manageability Commander

CWE-79 β€” Cross-site Scripting3 documents3 sources
Severity
9.6CRITICALNVD
CNA8.1
EPSS
0.5%
top 33.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Manageability Commander
Timeline
PublishedAug 11

Description

Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages1 packages

πŸ”΄Vulnerability Details

2
GHSA
GHSA-jx65-p7rw-vj3x: Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2β†—2023-08-11
β–Ά
CVEList
CVE-2022-29887: Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2β†—2023-08-11
β–Ά
CVE-2022-29887 β€” Cross-site Scripting in Intel | cvebase