CVE-2022-4735

CVSS V2 None CVSS V3 None
Description
A vulnerability classified as problematic was found in asrashley dash-live. This vulnerability affects the function ready of the file static/js/media.js of the component DOM Node Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 24d01757a5319cc14c4aa1d8b53d1ab24d48e451. It is recommended to apply a patch to fix this issue. VDB-216766 is the identifier assigned to this vulnerability.
Overview
  • CVE ID
  • CVE-2022-4735
  • Assigner
  • cna@vuldb.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-25T16:15:10
  • Last Modified Date
  • 2023-01-04T20:33:46
Weakness Enumerations
CWE URL
CWE-79 http://cwe.mitre.org/data/definitions/79.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:dash-live_project:dash-live:*:*:*:*:*:*:*:* 1 OR 2022-03-01
References
Reference URL Reference Tags
https://github.com/asrashley/dash-live/commit/24d01757a5319cc14c4aa1d8b53d1ab24d48e451
https://github.com/asrashley/dash-live/pull/7
https://vuldb.com/?ctiid.216766
https://vuldb.com/?id.216766
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-4735
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4735
History
Created Old Value New Value Data Type Notes
2022-12-25 16:16:42 Added to TrackCVE
2022-12-25 16:16:42 Weakness Enumeration new
2022-12-27 14:15:41 2022-12-27T13:48:11 CVE Modified Date updated
2022-12-27 14:15:41 Received Awaiting Analysis Vulnerability Status updated
2022-12-27 14:15:45 CVSS V3 information new
2022-12-29 19:14:31 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-29 19:14:32 CVSS V3 information new
2023-01-04 21:14:33 2023-01-04T20:33:46 CVE Modified Date updated
2023-01-04 21:14:33 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-04 21:14:35 CPE Information updated
2023-01-04 21:14:35 CVSS V3 information new