Vulnerability Details CVE-2022-30519
XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary code via password field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.1%
CVSS Severity
CVSS v3 Score 6.1
References
- http://packetstormsecurity.com/files/171627/Reprise-Software-RLM-14.2BL4-Cross-Site-Scripting.html
- https://github.com/earth2sky/Disclosed/blob/main/CVE-2022-30519
- http://packetstormsecurity.com/files/171627/Reprise-Software-RLM-14.2BL4-Cross-Site-Scripting.html
- https://github.com/earth2sky/Disclosed/blob/main/CVE-2022-30519
Products affected by CVE-2022-30519
-
cpe:2.3:a:reprisesoftware:reprise_license_manager:14.2bl4
-
cpe:2.3:a:reprisesoftware:reprise_license_manager:15.0
-
cpe:2.3:a:reprisesoftware:reprise_license_manager:15.1
-
cpe:2.3:a:reprisesoftware:reprise_license_manager:15.2
-
cpe:2.3:a:reprisesoftware:reprise_license_manager:16.0