CVE-2022-42001

Description

Cross-site Scripting (XSS) vulnerability in BlueSpiceBookshelf extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the book navigation.

Related CPE's

a hallowelt bluespice ********

References

https://en.wiki.bluespice.com/wiki/Security:Security_Advisories/BSSA-2022-05

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io