CVE-2022-4554
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ID Software Project and Consultancy Services | B2B Customer Ordering System | 1.0.0.347 < 0 | affected |
Weaknesses
- CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADP Enrichment
CVE Program Container
Additional References
References
- https://www.usom.gov.tr/bildirim/tr-23-0022
- https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0022
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.