CVE-2022-28703

CVSS V2 None CVSS V3 None
Description
A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
Overview
  • CVE ID
  • CVE-2022-28703
  • Assigner
  • talos-cna@cisco.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-15T10:15:11
  • Last Modified Date
  • 2022-12-19T14:42:50
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:lansweeper:lansweeper:10.1.1.0:*:*:*:*:*:*:* 1 OR
History
Created Old Value New Value Data Type Notes
2022-12-15 16:18:28 Added to TrackCVE
2022-12-18 09:30:12 2022-12-15T10:15:11.420 2022-12-15T10:15:11 CVE Published Date updated
2022-12-18 09:30:12 2022-12-15T13:23:03 CVE Modified Date updated
2022-12-18 09:30:12 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-18 09:30:25 CVSS V3 information new
2022-12-19 15:14:59 2022-12-19T14:42:50 CVE Modified Date updated
2022-12-19 15:14:59 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-19 15:15:03 CWE-79 Weakness Enumeration updated
2022-12-19 15:15:08 CPE Information updated
2022-12-19 15:15:08 CVSS V3 information new