Vulnerability Details CVE-2022-26146
Tricentis qTest before 10.4 allows stored XSS by an authenticated attacker.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.1%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md
- https://support-hub.tricentis.com/open?id=manual&lang=en&path=%2Fqtest%2F10400%2Fen%2Fcontent%2Fqtest_manager%2Frelease_notes%2Fonpremise_release_notes%2Fmanager_10.4.0_onpremise_release_notes.htm&product=qtest&sessionRotationTrigger=true&type=product_manual&version=10.4.2%20On%20Premise
- https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md
- https://support-hub.tricentis.com/open?id=manual&lang=en&path=%2Fqtest%2F10400%2Fen%2Fcontent%2Fqtest_manager%2Frelease_notes%2Fonpremise_release_notes%2Fmanager_10.4.0_onpremise_release_notes.htm&product=qtest&sessionRotationTrigger=true&type=product_manual&version=10.4.2%20On%20Premise