CVE-2022-4958 LOW

CVE-2022-4958: qkmc-rk redbbs Post cross site scripting

Vendor Qkmc-Rk
Product redbbs
Weakness CWE-79 · XSS
Published January 11, 2024
Last update June 17, 2025

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability classified as problematic has been found in qkmc-rk redbbs 1.0. Affected is an unknown function of the component Post Handler. The manipulation of the argument title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250236.

Key dates

02Disclosure timeline

January 11, 2024 CVE published
June 17, 2025 Record updated