CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-28051

The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.8%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/blob/main/CVE-2022-28051/README.md
https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28051
https://sourceforge.net/p/seeddms/code/ci/6fc17be5d95e8f00fbe5c124c4acd377fa2ce69d/
https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/blob/main/CVE-2022-28051/README.md
https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28051
https://sourceforge.net/p/seeddms/code/ci/6fc17be5d95e8f00fbe5c124c4acd377fa2ce69d/

Products affected by CVE-2022-28051

Seeddms » Seeddms » Version: 5.1.25

cpe:2.3:a:seeddms:seeddms:5.1.25
Seeddms » Seeddms » Version: 6.0.18

cpe:2.3:a:seeddms:seeddms:6.0.18

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28051

Products

Pricing

Contact Us