CVE-2022-4881

Name of the Vulnerable Software and Affected Versions CapsAdmin PAC3 (affected versions not specified)

Description A problematic issue was found in CapsAdmin PAC3, affecting some unknown functionality of the file lua/pac3/core/shared/http.lua. The manipulation of the url argument leads to cross-site scripting. The attack may be launched remotely.

Recommendations To fix this issue, it is recommended to apply a patch, specifically the one identified as 8fc9e12dfa21d757be6eb4194c763e848b299ac0. As a temporary workaround, consider restricting access to the http.lua file or disabling the functionality that manipulates the url argument until a patch is applied.