CVE-2022-1086

Summary

A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Affected Software

VendorProductVersion RangeStatus
unspecifiedDolphinPHP1.0affected
unspecifiedDolphinPHP1.1affected
unspecifiedDolphinPHP1.2affected
unspecifiedDolphinPHP1.3affected
unspecifiedDolphinPHP1.4affected
unspecifiedDolphinPHP1.5affected

Weaknesses

  • CWE-79: CWE-79 Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References