CVEDB API

Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML (XSS).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.7%

CVSS Severity

CVSS v3 Score 4.0

References

Products affected by CVE-2022-3895

Hallowelt » Bluespice » Version: 4.1.0

cpe:2.3:a:hallowelt:bluespice:4.1.0
Hallowelt » Bluespice » Version: 4.1.1

cpe:2.3:a:hallowelt:bluespice:4.1.1
Hallowelt » Bluespice » Version: 4.1.2

cpe:2.3:a:hallowelt:bluespice:4.1.2
Hallowelt » Bluespice » Version: 4.1.3

cpe:2.3:a:hallowelt:bluespice:4.1.3
Hallowelt » Bluespice » Version: 4.1.4

cpe:2.3:a:hallowelt:bluespice:4.1.4
Hallowelt » Bluespice » Version: 4.2

cpe:2.3:a:hallowelt:bluespice:4.2
Hallowelt » Common User Interface » Version: 3.0.0

cpe:2.3:a:hallowelt:common_user_interface:3.0.0