admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-31 02:31:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-288xx/CVE-2022-28865.json

24 lines
1003 B
JSON
Raw Normal View History

Auto-Update: 2023-07-24T16:00:27.830969+00:00
2023-07-24 16:00:31 +00:00
{
"id": "CVE-2022-28865",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-24T14:15:10.157",
Auto-Update: 2023-07-25T14:00:29.564290+00:00
2023-07-25 14:00:33 +00:00
"lastModified": "2023-07-25T13:01:13.730",
"vulnStatus": "Awaiting Analysis",
Auto-Update: 2023-07-24T16:00:27.830969+00:00
2023-07-24 16:00:31 +00:00
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /netact/sct filename parameter is used."
}
],
"metrics": {},
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue Copy Permalink