CVE-2022-32763

CVSS V2 None CVSS V3 None
Description
A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
Overview
  • CVE ID
  • CVE-2022-32763
  • Assigner
  • talos-cna@cisco.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-15T10:15:11
  • Last Modified Date
  • 2022-12-19T14:33:26
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:lansweeper:lansweeper:10.1.1.0:*:*:*:*:*:*:* 1 OR
History
Created Old Value New Value Data Type Notes
2022-12-15 16:18:28 Added to TrackCVE
2022-12-18 09:30:12 2022-12-15T10:15:11.780 2022-12-15T10:15:11 CVE Published Date updated
2022-12-18 09:30:12 2022-12-15T13:23:03 CVE Modified Date updated
2022-12-18 09:30:12 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-18 09:30:23 CVSS V3 information new
2022-12-19 15:15:00 2022-12-19T14:33:26 CVE Modified Date updated
2022-12-19 15:15:00 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-19 15:15:01 CWE-79 Weakness Enumeration new
2022-12-19 15:15:04 CPE Information updated
2022-12-19 15:15:05 CVSS V3 information new