CVE-2022-2266

University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-22-0637	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:yordam:library_automation_system:*:*:*:*:*:*:*:*

History

16 Sep 2024, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-09-22 09:15

Updated : 2024-09-16 23:15

NVD link : CVE-2022-2266

Mitre link : CVE-2022-2266

CVE.ORG link : CVE-2022-2266

JSON object : View

Products Affected

yordam

library_automation_system

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

6.1 /10