PT-2022-13680 · Mineweb · Minewebcms

Aggressiveuser

Published

2022-03-30

Updated

2022-06-02

CVE-2022-1163

CVSS v3.1

6.8

Medium

Vector

AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions mineweb/minewebcms versions prior to next

Description The issue is related to Cross-site Scripting (XSS) - Stored. This means that an attacker can inject malicious scripts into the website, which will be executed by other users' browsers. The estimated number of potentially affected devices worldwide is not available.

Recommendations For versions prior to next, update to the next version to resolve the issue. At the moment, there is no information about additional mitigation measures.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2022-1163

Affected Products

Minewebcms

PT-2022-13680 · Mineweb · Minewebcms

CVE-2022-1163

Weakness Enumeration

Related Identifiers

Affected Products

References · 8