CVE-2022-4738
SourceCodester Blood Bank Management System User Registration cross site scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability classified as problematic has been found in SourceCodester Blood Bank Management System 1.0. Affected is an unknown function of the file index.php?page=users of the component User Registration Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-216774 is the identifier assigned to this vulnerability.
Una vulnerabilidad ha sido encontrada en SourceCodester Blood Bank Management System 1.0 y clasificada como problemática. Una función desconocida del archivo index.php?page=users del componente User Registration Handler es afectada por esta vulnerabilidad. La manipulación del argumento Nombre conduce a Cross-Site Scripting (XSS). Es posible lanzar el ataque de forma remota. VDB-216774 es el identificador asignado a esta vulnerabilidad.
Es wurde eine problematische Schwachstelle in SourceCodester Blood Bank Management System 1.0 entdeckt. Betroffen hiervon ist ein unbekannter Ablauf der Datei index.php?page=users der Komponente User Registration Handler. Durch Manipulieren des Arguments Name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2022-12-25 CVE Reserved
- 2022-12-25 CVE Published
- 2024-07-17 EPSS Updated
- 2024-11-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://vuldb.com/?id.216774 | Technical Description |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Blood Bank Management System Project Search vendor "Blood Bank Management System Project" | Blood Bank Management System Search vendor "Blood Bank Management System Project" for product "Blood Bank Management System" | 1.0 Search vendor "Blood Bank Management System Project" for product "Blood Bank Management System" and version "1.0" | - |
Affected
| ||||||