EQS Integrity Line Professional through 2022-07-01 allows a stored XSS via a crafted whistleblower entry.
References
Link | Resource |
---|---|
https://eusanctions.integrityline.com | Product Third Party Advisory |
https://packetstormsecurity.com/files/167706/EQS-Integrity-Line-Cross-Site-Scripting-Information-Disclosure.html | Exploit Third Party Advisory VDB Entry |
https://seclists.org/fulldisclosure/2022/Jul/1 | Exploit Mailing List Third Party Advisory |
https://whistleblowingnetwork.org/Our-Work/Spotlight/Stories/The-Pitfalls-of-Closed-Source-Whistleblowing-Softw | Third Party Advisory |
https://www.integrityline.com/ | Vendor Advisory |
https://www.ush.it/team/ush/advisory-eqs-integrity-line/eqs_integrity_line.txt | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-07T11:14:54
Updated: 2022-08-25T18:28:57
Reserved: 2022-06-19T00:00:00
Link: CVE-2022-34007
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-07-07T12:15:09.770
Modified: 2022-10-26T22:28:44.437
Link: CVE-2022-34007
JSON object: View
Redhat Information
No data.
CWE