CVE-2022-31298
Description
A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.
References
Third Party Advisory
Vendor Advisory
ProductVendor Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
AccessComplexity | MEDIUM |
ConfidentialityImpact | NONE |
AvailabilityImpact | NONE |
IntegrityImpact | PARTIAL |
BaseScore | 3.5 |
VectorString | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | SINGLE |