PT-2023-14695 · Unknown · B2B Customer Ordering System
Alican Ozdemir
·
Published
2023-01-24
·
Updated
2024-02-01
·
CVE-2022-4554
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
B2B Customer Ordering System versions prior to 1.0.0.347
Description
The issue is an authenticated Reflected XSS vulnerability. This vulnerability has been fixed in version 1.0.0.347.
Recommendations
For versions prior to 1.0.0.347, update to version 1.0.0.347 to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable components until the update can be applied.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
B2B Customer Ordering System