VYPR
leads to cross site scripting. The attack can be ini","datePublished":"2022-06-02T17:25:12Z","dateModified":"2025-04-15T14:37:49.929Z","publisher":{"@type":"Organization","@id":"https://portal.vyprsec.ai#publisher","name":"VYPR","url":"https://portal.vyprsec.ai","logo":{"@type":"ImageObject","url":"https://portal.vyprsec.ai/icon.svg","width":64,"height":64},"description":"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights."},"author":{"@type":"Organization","@id":"https://portal.vyprsec.ai#publisher","name":"VYPR","url":"https://portal.vyprsec.ai","logo":{"@type":"ImageObject","url":"https://portal.vyprsec.ai/icon.svg","width":64,"height":64},"description":"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights."},"proficiencyLevel":"Expert","about":{"@type":"Thing","@id":"https://nvd.nist.gov/vuln/detail/CVE-2022-1979","name":"CVE-2022-1979","identifier":"CVE-2022-1979","description":"A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as problematic. This vulnerability affects p=contact. The manipulation of the Message textbox with the input leads to cross site scripting. The attack can be initiated remotely but requires authentication. Exploit details have been disclosed to the public.","additionalType":"https://schema.org/SoftwareApplication","sameAs":["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1979"]},"keywords":"CVE-2022-1979, Sourcecodester Product Show Room, Sourcecodester Product Show Room","mentions":[{"@type":"SoftwareApplication","name":"Product Show Room","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Sourcecodester"}},{"@type":"SoftwareApplication","name":"Product Show Room","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Sourcecodester"}}],"isAccessibleForFree":true},{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://portal.vyprsec.ai/"},{"@type":"ListItem","position":2,"name":"CVEs","item":"https://portal.vyprsec.ai/cves"},{"@type":"ListItem","position":3,"name":"CVE-2022-1979","item":"https://portal.vyprsec.ai/cves/CVE-2022-1979"}]}]}
← All advisories
Unrated severityNVD Advisory· Published Jun 2, 2022· Updated Apr 15, 2025

SourceCodester Product Show Room Site p=contact cross site scripting

CVE-2022-1979

Description

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as problematic. This vulnerability affects p=contact. The manipulation of the Message textbox with the input leads to cross site scripting. The attack can be initiated remotely but requires authentication. Exploit details have been disclosed to the public.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.