Medium severity6.1NVD Advisory· Published Nov 3, 2022· Updated Jun 17, 2026
CVE-2022-42753
CVE-2022-42753
Description
SalonERP version 3.0.2 allows an external attacker to steal the cookie of arbitrary users. This is possible because the application does not correctly validate the page parameter against XSS attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SalonERP/SalonERPdescription
Patches
Vulnerability mechanics
References
2- fluidattacks.com/advisories/hardway/nvdExploitThird Party Advisory
- salonerp.sourceforge.ionvdProduct
News mentions
0No linked articles in our index yet.