CVE-2022-31914 — Cross-site Scripting in ZOO Management System

Severity

5.4MEDIUMNVD

EPSS

0.2%

top 57.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJun 16

Latest updateJun 17

Description

Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

GHSA

GHSA-rpcp-hhwc-5747: Zoo Management System v1↗2022-06-17

▶

CVEList

CVE-2022-31914: Zoo Management System v1↗2022-06-16

▶