Vulnerability Details CVE-2022-25784
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.2%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 3.5
References
Products affected by CVE-2022-25784
-
cpe:2.3:h:secomea:sitemanager_1129:-
-
cpe:2.3:h:secomea:sitemanager_1139:-
-
cpe:2.3:h:secomea:sitemanager_1149:-
-
cpe:2.3:h:secomea:sitemanager_3329:-
-
cpe:2.3:h:secomea:sitemanager_3339:-
-
cpe:2.3:h:secomea:sitemanager_3349:-
-
cpe:2.3:h:secomea:sitemanager_3529:-
-
cpe:2.3:h:secomea:sitemanager_3539:-
-
cpe:2.3:h:secomea:sitemanager_3549:-
-
cpe:2.3:o:secomea:sitemanager_1129_firmware:-
-
cpe:2.3:o:secomea:sitemanager_1129_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_1139_firmware:-
-
cpe:2.3:o:secomea:sitemanager_1139_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_1149_firmware:-
-
cpe:2.3:o:secomea:sitemanager_1149_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3329_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3329_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3339_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3339_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3349_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3349_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3529_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3529_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3539_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3539_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3549_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3549_firmware:9.2c