CVE-2022-3943
ForU CMS cms_chip.php cross site scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability was found in ForU CMS. It has been classified as problematic. Affected is an unknown function of the file cms_chip.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-213450 is the identifier assigned to this vulnerability.
Se encontró una vulnerabilidad en ForU CMS. Ha sido clasificada como problemática. Una función desconocida del archivo cms_chip.php es afectada por esta vulnerabilidad. La manipulación del nombre del argumento conduce a Cross-Site Scripting (XSS). Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede utilizarse. VDB-213450 es el identificador asignado a esta vulnerabilidad.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-11-11 CVE Reserved
- 2022-11-11 CVE Published
- 2024-06-03 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CWE-707: Improper Neutralization
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://github.com/whiex/c2Rhc2Rhc2Q-/blob/main/MjU1NTI1ODU4ODU%3D.docx | Third Party Advisory | |
| https://vuldb.com/?id.213450 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Foru Cms Project Search vendor "Foru Cms Project" | Foru Cms Search vendor "Foru Cms Project" for product "Foru Cms" | - | - |
Affected
| ||||||