Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under NMSCIWebGui/j_security_check via the j_username parameter, or NMSCIWebGui/actloglineview.jsp via the name or actLine parameter. An attacker leveraging this vulnerability could inject arbitrary JavaScript. The payload would then be triggered every time an authenticated user browses the page containing it.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.gruppotim.it/it/footer/red-team.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-01-27T00:00:00
Updated: 2024-08-03T12:07:42.840Z
Reserved: 2022-09-05T00:00:00
Link: CVE-2022-39813
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-01-27T22:15:08.470
Modified: 2024-11-21T07:18:18.397
Link: CVE-2022-39813
Redhat
No data.