CVE-2022-4525

LOW 3.5

National Sleep Research Resource sleepdata.org cross site scripting

CVSS Score

3.5

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability has been found in National Sleep Research Resource sleepdata.org up to 58.x and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 59.0.0.rc is able to address this issue. The name of the patch is da44a3893b407087829b006d09339780919714cd. It is recommended to upgrade the affected component. The identifier VDB-215905 was assigned to this vulnerability.

CWE	CWE-79
Vendor	national sleep research resource
Product	sleepdata.org
Published	Dec 15, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for national sleep research resource sleepdata.org

Be the first to know when new low vulnerabilities affecting national sleep research resource sleepdata.org are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

National Sleep Research Resource / sleepdata.org

58.x

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.215905 github.com: https://github.com/nsrr/sleepdata.org/commit/da44a3893b407087829b006d09339780919714cd github.com: https://github.com/nsrr/sleepdata.org/releases/tag/59.0.0.rc