CVE-2022-30770
Description
Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and r 8.2.x versions prior to version 8.2.18.5 or 8.2.18.2.1 are vulnerable to (XSS) vulnerability that could be exploited by an attacker to mislead an administrator and steal their credentials.
Related CPE's
References
CvssV3 impact
Version | 3.1 |
VectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
AttackVector | NETWORK |
AttackComplexity | LOW |
PrivilegesRequired | NONE |
UserInteraction | REQUIRED |
Scope | CHANGED |
ConfidentialityImpact | LOW |
IntegrityImpact | LOW |
AvailabilityImpact | NONE |
BaseScore | 6.1 |
BaseSeverity | MEDIUM |
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:M/Au:N/C:N/I:P/A:N |
AccessVector | NETWORK |
AccessComplexity | MEDIUM |
Authentication | NONE |
ConfidentialityImpact | NONE |
IntegrityImpact | PARTIAL |
AvailabilityImpact | NONE |
BaseScore | 4.300000190734863 |