CVE-2022-46287

Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:jacic:electronic_bidding_core_system:*:*:*:*:*:*:*:*
cpe:2.3:a:jacic:electronic_bidding_core_system:6:r4:*:*:*:*:*:*

History

21 Nov 2024, 07:30

Type Values Removed Values Added
References () https://jvn.jp/en/jp/JVN96321933/index.html - Third Party Advisory, VDB Entry () https://jvn.jp/en/jp/JVN96321933/index.html - Third Party Advisory, VDB Entry
References () https://www.cals.jacic.or.jp/coreconso/pdf/coreconsoinfo20221215.pdf - Vendor Advisory () https://www.cals.jacic.or.jp/coreconso/pdf/coreconsoinfo20221215.pdf - Vendor Advisory

22 Dec 2022, 20:35

Type Values Removed Values Added
CWE CWE-79
CPE cpe:2.3:a:jacic:electronic_bidding_core_system:6:r4:*:*:*:*:*:*
cpe:2.3:a:jacic:electronic_bidding_core_system:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1
References (MISC) https://www.cals.jacic.or.jp/coreconso/pdf/coreconsoinfo20221215.pdf - (MISC) https://www.cals.jacic.or.jp/coreconso/pdf/coreconsoinfo20221215.pdf - Vendor Advisory
References (MISC) https://jvn.jp/en/jp/JVN96321933/index.html - (MISC) https://jvn.jp/en/jp/JVN96321933/index.html - Third Party Advisory, VDB Entry

19 Dec 2022, 04:00

Type Values Removed Values Added
New CVE

Information

Published : 2022-12-19 03:15

Updated : 2025-04-17 15:15


NVD link : CVE-2022-46287

Mitre link : CVE-2022-46287

CVE.ORG link : CVE-2022-46287


JSON object : View

Products Affected

jacic

  • electronic_bidding_core_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')