CVE-2022-46381

CVSS V2 None CVSS V3 None
Description
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
Overview
  • CVE ID
  • CVE-2022-46381
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-13T22:15:10
  • Last Modified Date
  • 2022-12-16T17:11:49
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-07e:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-07p:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-08e:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-08f:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-09a:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-09b:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-09c:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:niceforyou:linear_emerge_e3_access_control:-:*:*:*:*:*:*:* 0 OR
History
Created Old Value New Value Data Type Notes
2022-12-13 23:14:13 Added to TrackCVE
2022-12-14 14:15:21 2022-12-13T22:15:10.300 2022-12-13T22:15:10 CVE Published Date updated
2022-12-14 14:15:21 2022-12-14T14:09:58 CVE Modified Date updated
2022-12-14 14:15:21 Received Awaiting Analysis Vulnerability Status updated
2022-12-15 20:15:05 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-18 04:35:26 2022-12-16T17:11:49 CVE Modified Date updated
2022-12-18 04:35:26 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-18 04:35:29 CWE-79 Weakness Enumeration new
2022-12-18 04:35:36 CPE Information updated