PT-2022-16486 · Qingscan · Qingscan
We1X4No
·
Published
2022-03-30
·
Updated
2022-04-05
·
CVE-2022-24135
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
QingScan version 1.3.0
Description
The issue is related to a Cross Site Scripting (XSS) vulnerability that affects all search functions. This means an attacker could potentially inject malicious scripts into the search functionality of the affected software, leading to the execution of unauthorized code on the client-side.
Recommendations
For QingScan version 1.3.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qingscan