PT-2022-27658 · Opencaching Deutschland · Oc-Server3
Published 2022-12-17 · Updated 2022-12-22 · CVE-2022-4586
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Opencaching Deutschland oc-server3 (affected versions not specified)
Description
A vulnerability, rated problematic, was found in the Cachelist Handler component, specifically in the file htdocs/templates2/ocstyle/cachelists.tpl. Manipulation of the name filter and by filter arguments leads to cross-site scripting. The attack can be initiated remotely.
Recommendations
To fix this issue, apply the patch named a9f79c7da78cd24a7ef1d298e6bc86006972ea73. As a temporary workaround, consider restricting access to the cachelists.tpl file or disabling the Cachelist Handler component until the patch is applied. Avoid using the name filter and by filter arguments in the affected component until the issue is resolved.
Fix
Improper Neutralization
XSS
Related Identifiers
Affected Products
Oc-Server3