CVE-2022-34879
Description
Reflected Cross Site Scripting (XSS) vulnerabilities in AST Agent Time Sheet interface (/vicidial/AST_agent_time_sheet.php) of VICIdial via agent, and search_archived_data parameters. This issue affects: VICIdial 2.14b0.5 versions prior to 3555.
References
Vendor Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
AccessComplexity | MEDIUM |
ConfidentialityImpact | NONE |
AvailabilityImpact | NONE |
IntegrityImpact | PARTIAL |
BaseScore | 4.300000190734863 |
VectorString | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | NONE |