CVE-2022-40912 Vulnerability Details

  /     /     /  

CVE-2022-40912 Metadata Quick Info

CVE Published: 28/09/2022 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: mitre | Vendor: n/a | Product: n/a
Status : PUBLISHED

---

CVE-2022-40912 Description

ETAP Lighting International NV ETAP Safety Manager 1.0.0.32 is vulnerable to Cross Site Scripting (XSS). Input passed to the GET parameter \'action\' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user\'s browser session in context of an affected site.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: n/a
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).