admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-471xx/CVE-2022-47187.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

144 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-47187",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-28T14:15:17.927",
"lastModified": "2024-11-21T07:31:40.280",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a file upload XSS vulnerability in Generex CS141 below 2.06 version. The web application allows file uploading, making it possible to upload a file with HTML content. When HTML files are allowed, XSS payload can be injected into the uploaded file.\n\n"
},
{
"lang": "es",
"value": "Hay una vulnerabilidad XSS de carga de archivos en Generex CS141 por debajo de la versi\u00f3n 2.06. La aplicaci\u00f3n web permite la carga de archivos, posibilitando la carga de un archivo con contenido HTML. Cuando se permiten archivos HTML, el payload XSS se puede inyectar en el archivo cargado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:generex:cs141_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.06",
"matchCriteriaId": "45AC1134-C83A-435F-AFCB-32CC1E691C9E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:generex:cs141:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE00F7F0-4011-4F62-9E11-1BBDDCE4F46B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.generex.de/support/changelogs/cs141/2-12",
"source": "cve-coordination@incibe.es",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141",
"source": "cve-coordination@incibe.es",
"tags": [
"Not Applicable"
]
},
{
"url": "https://www.generex.de/support/changelogs/cs141/2-12",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink