CVE-2022-40605 - OpenCVE

MITRE CALDERA before 4.1.0 allows XSS in the Operations tab and/or Debrief plugin via a crafted operation name, a different vulnerability than CVE-2022-40606.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Mitre	Caldera

Configuration 1 [-]

cpe:2.3:a:mitre:caldera:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/mitre/caldera/releases/tag/4.1.0	Release Notes Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-17T00:00:00

Updated: 2022-10-17T00:00:00

Reserved: 2022-09-12T00:00:00

Link: CVE-2022-40605

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-10-17T20:15:10.007

Modified: 2022-10-19T05:31:32.197

Link: CVE-2022-40605

JSON object: View

Redhat Information

No data.

CWE

CWE-79