Unrated severityNVD Advisory· Published Oct 30, 2023· Updated Sep 9, 2024

CVE-2022-39172

Description

A stored XSS in the process overview (bersicht zugewiesener Vorgaenge) in mbsupport openVIVA c2 20220101 allows a remote, authenticated, low-privileged attacker to execute arbitrary code in the victim's browser via name field of a process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

mbsupport/openVIVAdescription
mb support/openVIVA c2llm-create
Range: = 20220101

Patches

Vulnerability mechanics

References

sec-consult.com/vulnerability-lab/advisory/stored-cross-site-scripting-in-mb-support-broker-management-solution-openviva-c2/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000