Enhancement: cves/2022/CVE-2022-1168.yaml by md
parent
6045693637
commit
b4d0c10850
|
@ -1,15 +1,15 @@
|
||||||
id: CVE-2022-1168
|
id: CVE-2022-1168
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: JobSearch < 1.5.1 - Cross-Site Scripting
|
name: WordPress WP JobSearch <1.5.1 - Cross-Site Scripting
|
||||||
author: Akincibor
|
author: Akincibor
|
||||||
severity: medium
|
severity: medium
|
||||||
description: |
|
description: |
|
||||||
There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1.
|
WordPress WP JobSearch plugin prior to 1.5.1 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
||||||
reference:
|
reference:
|
||||||
- https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490
|
- https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490
|
||||||
- https://nvd.nist.gov/vuln/detail/CVE-2022-1168
|
|
||||||
- https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856
|
- https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856
|
||||||
|
- https://nvd.nist.gov/vuln/detail/CVE-2022-1168
|
||||||
classification:
|
classification:
|
||||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||||
cvss-score: 6.1
|
cvss-score: 6.1
|
||||||
|
@ -42,3 +42,5 @@ requests:
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
- 404
|
- 404
|
||||||
|
|
||||||
|
# Enhanced by md on 2023/02/01
|
||||||
|
|
Loading…
Reference in New Issue