← volver
CVE-2022-25784

User controllable HTML element attribute (potential XSS)

CVSS 9.1 CRITICALEPSS 0.6%CWE-79
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Productos afectados
Secomea · SiteManager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.secomea.com/support/cybersecurity-advisory/