PT-2022-18476 · Ibm · Bigfix Web Reports

Published

2022-07-19

·

Updated

2022-07-27

·

CVE-2022-27545

CVSS v3.1

5.4

Medium

VectorAV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions BigFix Web Reports (affected versions not specified)
Description The issue allows authorized users of BigFix Web Reports to perform HTML injection on the email administrative configuration page.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2022-27545

Affected Products

Bigfix Web Reports