CVE-2022-4377

CVSS V2 None CVSS V3 None
Description
A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215197 was assigned to this vulnerability.
Overview
  • CVE ID
  • CVE-2022-4377
  • Assigner
  • cna@vuldb.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-09T08:15:10
  • Last Modified Date
  • 2022-12-12T18:15:50
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:s-cms:s-cms:5.0:*:*:*:*:*:*:* 1 OR
History
Created Old Value New Value Data Type Notes
2022-12-09 08:21:23 Added to TrackCVE
2022-12-09 14:14:34 2022-12-09T08:15:10.160 2022-12-09T08:15:10 CVE Published Date updated
2022-12-09 14:14:34 2022-12-09T13:48:03 CVE Modified Date updated
2022-12-09 14:14:34 Received Awaiting Analysis Vulnerability Status updated
2022-12-12 01:14:45 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-12 18:17:53 2022-12-12T18:15:50 CVE Modified Date updated
2022-12-12 18:17:53 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-12 18:17:53 CWE-79 Weakness Enumeration updated
2022-12-12 18:17:55 CPE Information updated