BlueSpice
Products
7- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-42001 | 0.00 | — | 0.00 | Nov 15, 2022 | Cross-site Scripting (XSS) vulnerability in BlueSpiceBookshelf extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the book navigation. | |||
| CVE-2022-42000 | 0.00 | — | 0.00 | Nov 15, 2022 | Cross-site Scripting (XSS) vulnerability in BlueSpiceSocialProfile extension of BlueSpice allows user with comment permissions to inject arbitrary HTML into the comment section of a wikipage. | |||
| CVE-2022-41814 | 0.00 | — | 0.00 | Nov 15, 2022 | Cross-site Scripting (XSS) vulnerability in BlueSpiceFoundation extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the history view of a wikipage. | |||
| CVE-2022-41789 | 0.00 | — | 0.00 | Nov 15, 2022 | Cross-site Scripting (XSS) vulnerability in BlueSpiceDiscovery skin of BlueSpice allows logged in user with edit permissions to inject arbitrary HTML into the default page header of a wikipage. | |||
| CVE-2022-41611 | 0.00 | — | 0.00 | Nov 15, 2022 | Cross-site Scripting (XSS) vulnerability in BlueSpiceDiscovery skin of BlueSpice allows user with admin privileges to inject arbitrary HTML into the main navigation of the application. | |||
| CVE-2022-3958 | 0.00 | — | 0.00 | Nov 15, 2022 | Cross-site Scripting (XSS) vulnerability in BlueSpiceUserSidebar extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users. This allows for targeted attacks. | |||
| CVE-2022-3895 | 0.00 | — | 0.00 | Nov 15, 2022 | Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML (XSS). | |||
| CVE-2022-3893 | 0.00 | — | 0.00 | Nov 15, 2022 | Cross-site Scripting (XSS) vulnerability in BlueSpiceCustomMenu extension of BlueSpice allows user with admin permissions to inject arbitrary HTML into the custom menu navigation of the application. |
- CVE-2022-42001Nov 15, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in BlueSpiceBookshelf extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the book navigation.
- CVE-2022-42000Nov 15, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in BlueSpiceSocialProfile extension of BlueSpice allows user with comment permissions to inject arbitrary HTML into the comment section of a wikipage.
- CVE-2022-41814Nov 15, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in BlueSpiceFoundation extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the history view of a wikipage.
- CVE-2022-41789Nov 15, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in BlueSpiceDiscovery skin of BlueSpice allows logged in user with edit permissions to inject arbitrary HTML into the default page header of a wikipage.
- CVE-2022-41611Nov 15, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in BlueSpiceDiscovery skin of BlueSpice allows user with admin privileges to inject arbitrary HTML into the main navigation of the application.
- CVE-2022-3958Nov 15, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in BlueSpiceUserSidebar extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users. This allows for targeted attacks.
- CVE-2022-3895Nov 15, 2022risk 0.00cvss —epss 0.00
Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML (XSS).
- CVE-2022-3893Nov 15, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in BlueSpiceCustomMenu extension of BlueSpice allows user with admin permissions to inject arbitrary HTML into the custom menu navigation of the application.