PT-2022-24050 · Unknown · Project Wonder Webobjects
Notsoanonimus
·
Published
2022-09-14
·
Updated
2022-09-19
·
CVE-2022-37724
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Project Wonder WebObjects versions 1.0 through 7.3
Description
The issue concerns Arbitrary HTTP Header injection and URL- or Header-based XSS reflection in all web-server adaptor interfaces. A patch for this issue is available.
Recommendations
For Project Wonder WebObjects versions 1.0 through 7.3, apply the patch available at commit number b0d2d74f13203268ea254b02552600850f28014b to resolve the issue.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Project Wonder Webobjects