2022-10-18 10:00:34 +00:00
{
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
"data_version" : "4.0" ,
"CVE_data_meta" : {
"ID" : "CVE-2022-3580" ,
2022-10-18 12:06:38 +02:00
"TITLE" : "SourceCodester Cashier Queuing System User Creation cross site scripting" ,
"REQUESTER" : "cna@vuldb.com" ,
"ASSIGNER" : "cna@vuldb.com" ,
"STATE" : "PUBLIC"
} ,
"generator" : "vuldb.com" ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "SourceCodester" ,
"product" : {
"product_data" : [
{
"product_name" : "Cashier Queuing System" ,
"version" : {
"version_data" : [
{
"version_value" : "1.0.1"
}
]
}
}
]
}
}
]
}
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"
}
]
}
]
2022-10-18 10:00:34 +00:00
} ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2022-10-18 12:06:38 +02:00
"value" : "A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-211187."
}
]
} ,
"impact" : {
"cvss" : {
"version" : "3.1" ,
"baseScore" : "2.4" ,
2022-10-18 11:00:34 +00:00
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"
2022-10-18 12:06:38 +02:00
}
} ,
"references" : {
"reference_data" : [
{
2022-10-18 11:00:34 +00:00
"url" : "https://vuldb.com/?id.211187" ,
"refsource" : "MISC" ,
"name" : "https://vuldb.com/?id.211187"
2022-10-18 10:00:34 +00:00
}
]
}
}
