PT-2022-26250 · Unknown · Klik Socialmediawebsite
Published
2022-11-29
·
Updated
2022-11-30
·
CVE-2022-42099
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
KLiK SocialMediaWebsite version 1.0.1
Description
The issue allows attackers to store XSS via the location Forum Subject input, potentially affecting user security.
Recommendations
For KLiK SocialMediaWebsite version 1.0.1, consider restricting user input in the Forum Subject field to minimize the risk of XSS attacks until a patch is available.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Klik Socialmediawebsite