Enhancement: cves/2022/CVE-2022-1168.yaml by md

patch-1
MostInterestingBotInTheWorld 2023-02-01 13:15:35 -05:00
parent 6045693637
commit b4d0c10850
1 changed files with 5 additions and 3 deletions

View File

@ -1,15 +1,15 @@
id: CVE-2022-1168 id: CVE-2022-1168
info: info:
name: JobSearch < 1.5.1 - Cross-Site Scripting name: WordPress WP JobSearch <1.5.1 - Cross-Site Scripting
author: Akincibor author: Akincibor
severity: medium severity: medium
description: | description: |
There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1. WordPress WP JobSearch plugin prior to 1.5.1 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference: reference:
- https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490 - https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490
- https://nvd.nist.gov/vuln/detail/CVE-2022-1168
- https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856 - https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856
- https://nvd.nist.gov/vuln/detail/CVE-2022-1168
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1 cvss-score: 6.1
@ -42,3 +42,5 @@ requests:
- type: status - type: status
status: status:
- 404 - 404
# Enhanced by md on 2023/02/01