CVE-2022-3853

Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application.

CVSS v3.0 5.4 MEDIUM

5.4^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://wpscan.com/vulnerability/c2bc7d23-5bfd-481c-b42b-da7ee80d9514	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:supra-csv-parser_project:supra-csv-parser:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-12-12 10:15

Updated : 2022-12-14 12:55

NVD link : CVE-2022-3853

Mitre link : CVE-2022-3853

JSON object : View

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Products Affected

supra-csv-parser_project

supra-csv-parser

5.4 /10