CVE-2022-4554 — MEDIUM (5.4)

Q: How severe is CVE-2022-4554?

CVE-2022-4554 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-4554?

Check the references section above for vendor advisories and patch information. Affected products include: Idyazilim B2B Dealer Order System.

Vulnerability Description

B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347.

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Idyazilim	B2B Dealer Order System	< 1.0.0.347

Related Weaknesses (CWE)

CWE-79

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0022
https://www.usom.gov.tr/bildirim/tr-23-0022Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-23-0022Third Party Advisory

FAQ

What is CVE-2022-4554?

CVE-2022-4554 is a vulnerability with a CVSS score of 5.4 (MEDIUM). B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0...

How severe is CVE-2022-4554?

CVE-2022-4554 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-4554?

Check the references section above for vendor advisories and patch information. Affected products include: Idyazilim B2B Dealer Order System.