Vulnerability Details CVE-2022-46332
The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.5%
CVSS Severity
CVSS v3 Score 9.6
References
Products affected by CVE-2022-46332
-
cpe:2.3:a:proofpoint:enterprise_protection:-
-
cpe:2.3:a:proofpoint:enterprise_protection:8.12.0-2104190000
-
cpe:2.3:a:proofpoint:enterprise_protection:8.12.0-2106240000
-
cpe:2.3:a:proofpoint:enterprise_protection:8.12.0-2107140000
-
cpe:2.3:a:proofpoint:enterprise_protection:8.12.0-2108090000
-
cpe:2.3:a:proofpoint:enterprise_protection:8.13.16
-
cpe:2.3:a:proofpoint:enterprise_protection:8.13.22
-
cpe:2.3:a:proofpoint:enterprise_protection:8.14.0
-
cpe:2.3:a:proofpoint:enterprise_protection:8.14.2
-
cpe:2.3:a:proofpoint:enterprise_protection:8.16.6
-
cpe:2.3:a:proofpoint:enterprise_protection:8.18.0
-
cpe:2.3:a:proofpoint:enterprise_protection:8.18.4
-
cpe:2.3:a:proofpoint:enterprise_protection:8.18.6
-
cpe:2.3:a:proofpoint:enterprise_protection:8.19.0
-
cpe:2.3:a:proofpoint:enterprise_protection:8.9.22