CVE-2022-4588

LOW 2.4

Boston Sleep slice Layout cross site scripting

CVSS Score

2.4

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability, which was classified as problematic, was found in Boston Sleep slice up to 84.1.x. Affected is an unknown function of the component Layout Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 84.2.0 is able to address this issue. The name of the patch is 6523bb17d889e2ab13d767f38afefdb37083f1d0. It is recommended to upgrade the affected component. VDB-216174 is the identifier assigned to this vulnerability.

CWE	CWE-79
Vendor	boston sleep
Product	slice
Published	Dec 17, 2022
Last Updated	Nov 19, 2024

Stay Ahead of the Next One

Get instant alerts for boston sleep slice

Be the first to know when new low vulnerabilities affecting boston sleep slice are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Boston Sleep / slice

84.0 84.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.216174 github.com: https://github.com/sleepepi/slice/commit/6523bb17d889e2ab13d767f38afefdb37083f1d0 github.com: https://github.com/sleepepi/slice/releases/tag/v84.2.0