CVE-2022-4640

MEDIUM5.4EPSS 0.18%

Mingsoft MCMS Cross-site Scripting vulnerability

Published: 12/22/2022Modified: 11/8/2023

Description

A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499.

Affected packages (1)

Maven/net.mingsoft:ms-mcmsfrom 0, <= 5.2.9

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References (3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-4640
WEBhttps://gitee.com/mingSoft/MCMS/issues/I65KI5
WEBhttps://vuldb.com/?id.216499