AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS) A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user (victim). JavaScript code is executed on the browser of the other user.
References
Link | Resource |
---|---|
https://www.gov.il/en/Departments/faq/cve_advisories | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCD
Published: 2022-10-23T00:00:00
Updated: 2022-10-26T00:00:00
Reserved: 2022-07-26T00:00:00
Link: CVE-2022-36783
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-10-25T17:15:55.210
Modified: 2022-10-27T13:32:08.133
Link: CVE-2022-36783
JSON object: View
Redhat Information
No data.
CWE