CVE-2022-46889

CVSS V2 None CVSS V3 None
Description
A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php.
Overview
  • CVE ID
  • CVE-2022-46889
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-19T19:15:11
  • Last Modified Date
  • 2023-01-25T19:42:41
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:nexusphp:nexusphp:*:*:*:*:*:*:*:* 1 OR 1.7.33
History
Created Old Value New Value Data Type Notes
2023-01-19 20:14:28 Added to TrackCVE
2023-01-19 22:15:52 2023-01-19T22:06:06 CVE Modified Date updated
2023-01-19 22:15:52 Received Awaiting Analysis Vulnerability Status updated
2023-01-25 15:14:11 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-25 20:13:53 2023-01-25T19:42:41 CVE Modified Date updated
2023-01-25 20:13:53 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-25 20:13:54 Weakness Enumeration new
2023-01-25 20:13:56 CPE Information updated