CVE-2022-3992

CWE-707 CWE-79 — Cross-site Scripting (XSS)CWE-908 — Use of Uninitialized Resource CWE-416 — Use After Free5 documents5 sources

Severity

6.1MEDIUM

EPSS

0.2%

top 56.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Sanitization Management System

Timeline

PublishedNov 14

Description

A vulnerability classified as problematic was found in SourceCodester Sanitization Management System. Affected by this vulnerability is an unknown functionality of the file admin/?page=system_info of the component Banner Image Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-213571.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages1 packages

▶CVEListV5sourcecodester/sanitization_management_systemn/a

🔴Vulnerability Details

GHSA

GHSA-m9gv-9g9h-qrcr: A vulnerability classified as problematic was found in SourceCodester Sanitization Management System↗2022-11-14

▶

CVEList

SourceCodester Sanitization Management System Banner Image cross site scripting↗2022-11-14

▶

📋Vendor Advisories

CISA

VMware ESXi OpenSLP Use-After-Free Vulnerability↗2021-11-03

▶