CVE-2022-24572

{"id": "CVE-2022-24572", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2022-02-28T14:15:08.457", "references": [{"url": "https://github.com/nsparker1337/OpenSource/blob/main/exploit_xss", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/nsparker1337/OpenSource/blob/main/exploit_xss", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Car Driving School Management System v1.0 is affected by Cross Site Scripting (XSS) in the User Enrollment Form (Username Field). To exploit this Vulnerability, an admin views the registered user details."}, {"lang": "es", "value": "Car Driving School Management System versi\u00f3n v1.0, est\u00e1 afectado por una vulnerabilidad de tipo Cross Site Scripting (XSS) en el formulario de inscripci\u00f3n de usuarios (campo Username). Para explotar esta vulnerabilidad, un administrador visualiza los detalles del usuario registrado."}], "lastModified": "2024-11-21T06:50:40.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:car_driving_school_management_system_project:car_driving_school_management_system:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0760BF42-C181-4341-A18A-D8B820892F3A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}