CVE-2022-22571

Summary

An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions.

Affected Software

VendorProductVersion RangeStatus
n/aIvanti Incapptic ConnectA workaround has been published to fix this issueaffected

Weaknesses

  • CWE-79: Cross-site Scripting (XSS) - Stored (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References