Vulnerability Details CVE-2022-43711
Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.3%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2022-43711
-
cpe:2.3:a:gxsoftware:xperiencentral:*