CVE Vulnerability

CVE-2022-4640

A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499.

5.4 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://gitee.com/mingSoft/MCMS/issues/I65KI5 Exploit Issue Tracking
https://vuldb.com/?id.216499 Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:mingsoft:mcms:5.2.9:*:*:*:*:*:*:*
Information

Published : 2022-12-21 10:15

Updated : 2022-12-29 06:25

NVD link : CVE-2022-4640

Mitre link : CVE-2022-4640

Products Affected
No products.
CWE
CWE-707

CWE-74

CWE-79