// For flags

CVE-2022-25370

Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz

Severity Score

5.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Apache OFBiz uses the Birt plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142), an unauthenticated malicious user could perform a stored XSS attack in order to inject a malicious payload and execute it using the stored XSS.

Apache OFBiz usa el plugin Birt (https://eclipse.github.io/birt-website/) para crear visualizaciones de datos e informes. En Apache OFBiz, versión 18.12.05 y anteriores, aprovechando una vulnerabilidad en Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142), un usuario malicioso no autenticado podría llevar a cabo un ataque de tipo XSS almacenado para inyectar una carga útil maliciosa y ejecutarla usando un ataque de tipo XSS almacenado

*Credits: Nikita Podotykin from Positive Technologies <npodotykin@ptsecurity.com>, Positive Technologies zeroday <zeroday@ptsecurity.com>
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-02-20 CVE Reserved
  • 2022-09-02 CVE Published
  • 2024-07-19 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
 Ofbiz
Search vendor "Apache" for product "Ofbiz"
 < 18.12.06
Search vendor "Apache" for product "Ofbiz" and version " < 18.12.06"
-
Affected