← volver
CVE-2022-3958

Potential XSS on personal menu navigation

CVSS 3.3 LOWEPSS 0.3%CWE-79
Cross-site Scripting (XSS) vulnerability in BlueSpiceUserSidebar extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users. This allows for targeted attacks.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Productos afectados
Hallo Welt! GmbH · BlueSpice

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://en.wiki.bluespice.com/wiki/Security:Security_Advisories/BSSA-2022-07