CVE-2022-4554

MEDIUM 5.4

Reflected XSS B2B Dealer Ordering System

CVSS Score

5.4

EPSS Score

0.0%

EPSS Percentile

0th

B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347.

CWE	CWE-79
Vendor	id software project and consultancy services
Product	b2b customer ordering system
Published	Jan 24, 2023
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for id software project and consultancy services b2b customer ordering system

Be the first to know when new medium vulnerabilities affecting id software project and consultancy services b2b customer ordering system are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Affected Versions

ID Software Project and Consultancy Services / B2B Customer Ordering System

1.0.0.347 < 0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-23-0022

Credits

Alican OZDEMIR