1. Home
  2. CVE Database
  3. CVE-2022-45225
MEDIUM · 6.1

CVE-2022-45225

Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts ...

Vulnerability Description

Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the book_title parameter.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
Book Store Management System ProjectBook Store Management System1.0

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2022-45225?

CVE-2022-45225 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts ...

How severe is CVE-2022-45225?

CVE-2022-45225 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-45225?

Check the references section above for vendor advisories and patch information. Affected products include: Book Store Management System Project Book Store Management System.