CVEDB API

Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML (XSS).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.6%

CVSS Severity

CVSS v3 Score 4.0

References

Products affected by CVE-2022-3895

Hallowelt » Bluespice » Version: 4.1.0

cpe:2.3:a:hallowelt:bluespice:4.1.0
Hallowelt » Bluespice » Version: 4.1.1

cpe:2.3:a:hallowelt:bluespice:4.1.1
Hallowelt » Bluespice » Version: 4.1.2

cpe:2.3:a:hallowelt:bluespice:4.1.2
Hallowelt » Bluespice » Version: 4.1.3

cpe:2.3:a:hallowelt:bluespice:4.1.3
Hallowelt » Bluespice » Version: 4.1.4

cpe:2.3:a:hallowelt:bluespice:4.1.4
Hallowelt » Bluespice » Version: 4.2

cpe:2.3:a:hallowelt:bluespice:4.2
Hallowelt » Common User Interface » Version: 3.0.0

cpe:2.3:a:hallowelt:common_user_interface:3.0.0