CVE-2022-2871 MEDIUM

CVE-2022-2871: Cross-site Scripting (XSS) - Stored in notrinos/notrinoserp

Vendor Notrinos
Product notrinos/notrinoserp
Weakness CWE-79 · XSS
Published August 17, 2022
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

4.6/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.

Key dates

02Disclosure timeline

August 17, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2021-24656 Simple Social Media Share Buttons < 3.2.4 - Authenticated Stored Cross-Site Scripting CVE-2024-29127 WordPress Advanced Access Manager plugin <= 6.9.20 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2023-3555 GZ Scripts PHP Vacation Rental Script preview.php cross site scripting CVE-2024-4821 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_lightbox Shortcode CVE-2026-45026 WeGIA: Stored XSS in html/atendido/processo_aceitacao.php