Vulnerability Details CVE-2022-35554
Multiple reflected XSS vulnerabilities occur when handling error message of BPC SmartVista version 3.28.0 allowing an attacker to execute javascript code at client side.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.6%
CVSS Severity
CVSS v3 Score 6.1
References
- http://bpcbt.com
- http://smartvista.com
- https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/reflected-xss-in-smartvista-cardgen-version-3.28.0-cve-2022-35554
- http://bpcbt.com
- http://smartvista.com
- https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/reflected-xss-in-smartvista-cardgen-version-3.28.0-cve-2022-35554
Products affected by CVE-2022-35554
-
cpe:2.3:a:bpcbt:smartvista:2
-
cpe:2.3:a:bpcbt:smartvista:2.2.22
-
cpe:2.3:a:bpcbt:smartvista:3.28.0