CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-23397

The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no clear steps of reproduction."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.08

EPSS Ranking 91.7%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://ado.im/cedar-gate-ez-net
https://ado.im/cedar-gate-ez-net

Products affected by CVE-2022-23397

Cedargate » Ez-Net Portal » Version: 6.5.5

cpe:2.3:a:cedargate:ez-net_portal:6.5.5
Cedargate » Ez-Net Portal » Version: 6.6.3

cpe:2.3:a:cedargate:ez-net_portal:6.6.3
Cedargate » Ez-Net Portal » Version: 6.7.0

cpe:2.3:a:cedargate:ez-net_portal:6.7.0
Cedargate » Ez-Net Portal » Version: 6.8.0

cpe:2.3:a:cedargate:ez-net_portal:6.8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-23397

Products

Pricing

Contact Us