CVE-2022-25629

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue allows an authenticated user with the privilege to add or edit annotations on the Content tab to craft a malicious annotation. This malicious annotation can be executed on the annotations page, specifically in the Annotation Text Column.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2022-25629

Affected Products

Messaging Gateway

CVE-2022-25629

Weakness Enumeration

Related Identifiers

Affected Products

References · 4