Vulnerability Details CVE-2022-23903
A Cross Site Scripting (XSS) vulnerability exists in pearadmin pear-admin-think <=5.0.6, which allows a login account to access arbitrary functions and cause stored XSS through a fake User-Agent.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.8%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2022-23903
-
cpe:2.3:a:pearadmin:pear_admin_think:2.1.2