From fae1301fb628e4e52c4911d5fd2b588f7748be53 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 1 Dec 2022 09:00:36 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/45xxx/CVE-2022-45050.json | 97 ++++++++++++++++++++++++++++++++-- 2022/4xxx/CVE-2022-4246.json | 16 ++++-- 2022/4xxx/CVE-2022-4247.json | 12 +++-- 2022/4xxx/CVE-2022-4248.json | 12 +++-- 2022/4xxx/CVE-2022-4249.json | 12 +++-- 2022/4xxx/CVE-2022-4250.json | 12 +++-- 2022/4xxx/CVE-2022-4251.json | 12 +++-- 2022/4xxx/CVE-2022-4252.json | 12 +++-- 2022/4xxx/CVE-2022-4253.json | 12 +++-- 9 files changed, 160 insertions(+), 37 deletions(-) diff --git a/2022/45xxx/CVE-2022-45050.json b/2022/45xxx/CVE-2022-45050.json index cca2080e21a..7d5d3ac6832 100644 --- a/2022/45xxx/CVE-2022-45050.json +++ b/2022/45xxx/CVE-2022-45050.json @@ -1,17 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-45050", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "csirt@divd.nl", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The title parameter on the twitter.php endpoint does not properly neutralise user input, resulting in the vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Axiell", + "product": { + "product_data": [ + { + "product_name": "Iguana", + "version": { + "version_data": [ + { + "version_value": "< 4.5.02", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://csirt.divd.nl/CVE-2022-45050/", + "refsource": "MISC", + "name": "https://csirt.divd.nl/CVE-2022-45050/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Upgrade to the latest version of Iguana CMS." + } + ], + "value": "Upgrade to the latest version of Iguana CMS." + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Amr Al Hallak" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2022/4xxx/CVE-2022-4246.json b/2022/4xxx/CVE-2022-4246.json index 605a2ff8b4f..3637b569e70 100644 --- a/2022/4xxx/CVE-2022-4246.json +++ b/2022/4xxx/CVE-2022-4246.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,19 +57,25 @@ "cvss": { "version": "3.1", "baseScore": "4.3", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/seclists.org\/fulldisclosure\/2022\/Nov\/16" + "url": "https://seclists.org/fulldisclosure/2022/Nov/16", + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2022/Nov/16" }, { - "url": "https:\/\/seclists.org\/fulldisclosure\/2022\/Nov\/att-16\/potplayer_7z.bin" + "url": "https://seclists.org/fulldisclosure/2022/Nov/att-16/potplayer_7z.bin", + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2022/Nov/att-16/potplayer_7z.bin" }, { - "url": "https:\/\/vuldb.com\/?id.214623" + "url": "https://vuldb.com/?id.214623", + "refsource": "MISC", + "name": "https://vuldb.com/?id.214623" } ] } diff --git a/2022/4xxx/CVE-2022-4247.json b/2022/4xxx/CVE-2022-4247.json index 7ad7756b2ab..a0ec40d2219 100644 --- a/2022/4xxx/CVE-2022-4247.json +++ b/2022/4xxx/CVE-2022-4247.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "6.3", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/aman05382\/movie_ticket_booking_system_php\/issues\/1" + "url": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/1", + "refsource": "MISC", + "name": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/1" }, { - "url": "https:\/\/vuldb.com\/?id.214624" + "url": "https://vuldb.com/?id.214624", + "refsource": "MISC", + "name": "https://vuldb.com/?id.214624" } ] } diff --git a/2022/4xxx/CVE-2022-4248.json b/2022/4xxx/CVE-2022-4248.json index 0ccdb06670d..7fd4a430111 100644 --- a/2022/4xxx/CVE-2022-4248.json +++ b/2022/4xxx/CVE-2022-4248.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "5.0", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/aman05382\/movie_ticket_booking_system_php\/issues\/3" + "url": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/3", + "refsource": "MISC", + "name": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/3" }, { - "url": "https:\/\/vuldb.com\/?id.214625" + "url": "https://vuldb.com/?id.214625", + "refsource": "MISC", + "name": "https://vuldb.com/?id.214625" } ] } diff --git a/2022/4xxx/CVE-2022-4249.json b/2022/4xxx/CVE-2022-4249.json index 2428cc77c59..4a2326ca5ef 100644 --- a/2022/4xxx/CVE-2022-4249.json +++ b/2022/4xxx/CVE-2022-4249.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "3.5", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/aman05382\/movie_ticket_booking_system_php\/issues\/5" + "url": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/5", + "refsource": "MISC", + "name": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/5" }, { - "url": "https:\/\/vuldb.com\/?id.214626" + "url": "https://vuldb.com/?id.214626", + "refsource": "MISC", + "name": "https://vuldb.com/?id.214626" } ] } diff --git a/2022/4xxx/CVE-2022-4250.json b/2022/4xxx/CVE-2022-4250.json index 99a8001972c..c95ff2fd0de 100644 --- a/2022/4xxx/CVE-2022-4250.json +++ b/2022/4xxx/CVE-2022-4250.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "3.5", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/aman05382\/movie_ticket_booking_system_php\/issues\/2" + "url": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/2", + "refsource": "MISC", + "name": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/2" }, { - "url": "https:\/\/vuldb.com\/?id.214627" + "url": "https://vuldb.com/?id.214627", + "refsource": "MISC", + "name": "https://vuldb.com/?id.214627" } ] } diff --git a/2022/4xxx/CVE-2022-4251.json b/2022/4xxx/CVE-2022-4251.json index 648362def07..d9e0a4e9bc6 100644 --- a/2022/4xxx/CVE-2022-4251.json +++ b/2022/4xxx/CVE-2022-4251.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "2.4", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/aman05382\/movie_ticket_booking_system_php\/issues\/4" + "url": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/4", + "refsource": "MISC", + "name": "https://github.com/aman05382/movie_ticket_booking_system_php/issues/4" }, { - "url": "https:\/\/vuldb.com\/?id.214628" + "url": "https://vuldb.com/?id.214628", + "refsource": "MISC", + "name": "https://vuldb.com/?id.214628" } ] } diff --git a/2022/4xxx/CVE-2022-4252.json b/2022/4xxx/CVE-2022-4252.json index f7421f8e4c6..c4a35de02d1 100644 --- a/2022/4xxx/CVE-2022-4252.json +++ b/2022/4xxx/CVE-2022-4252.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "3.5", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/blog.csdn.net\/weixin_43864034\/article\/details\/128127288" + "url": "https://blog.csdn.net/weixin_43864034/article/details/128127288", + "refsource": "MISC", + "name": "https://blog.csdn.net/weixin_43864034/article/details/128127288" }, { - "url": "https:\/\/vuldb.com\/?id.214629" + "url": "https://vuldb.com/?id.214629", + "refsource": "MISC", + "name": "https://vuldb.com/?id.214629" } ] } diff --git a/2022/4xxx/CVE-2022-4253.json b/2022/4xxx/CVE-2022-4253.json index 0444f483863..0b9245ec52a 100644 --- a/2022/4xxx/CVE-2022-4253.json +++ b/2022/4xxx/CVE-2022-4253.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "3.5", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/blog.csdn.net\/weixin_43864034\/article\/details\/128127516" + "url": "https://blog.csdn.net/weixin_43864034/article/details/128127516", + "refsource": "MISC", + "name": "https://blog.csdn.net/weixin_43864034/article/details/128127516" }, { - "url": "https:\/\/vuldb.com\/?id.214630" + "url": "https://vuldb.com/?id.214630", + "refsource": "MISC", + "name": "https://vuldb.com/?id.214630" } ] }