Vulnerability Description
A vulnerability, which was classified as problematic, has been found in Opencaching Deutschland oc-server3. This issue affects some unknown processing of the file htdocs/templates2/ocstyle/login.tpl of the component Login Page. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 3296ebd61e7fe49e93b5755d5d7766d6e94a7667. It is recommended to apply a patch to fix this issue. The identifier VDB-216173 was assigned to this vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oc-Server3 Project | Oc-Server3 | < 2022-09-04 |
Related Weaknesses (CWE)
References
- https://github.com/OpencachingDeutschland/oc-server3/commit/3296ebd61e7fe49e93b5PatchThird Party Advisory
- https://github.com/OpencachingDeutschland/oc-server3/pull/893PatchThird Party Advisory
- https://vuldb.com/?id.216173Third Party Advisory
- https://github.com/OpencachingDeutschland/oc-server3/commit/3296ebd61e7fe49e93b5PatchThird Party Advisory
- https://github.com/OpencachingDeutschland/oc-server3/pull/893PatchThird Party Advisory
- https://vuldb.com/?id.216173Third Party Advisory
FAQ
What is CVE-2022-4587?
CVE-2022-4587 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability, which was classified as problematic, has been found in Opencaching Deutschland oc-server3. This issue affects some unknown processing of the file htdocs/templates2/ocstyle/login.tpl o...
How severe is CVE-2022-4587?
CVE-2022-4587 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-4587?
Check the references section above for vendor advisories and patch information. Affected products include: Oc-Server3 Project Oc-Server3.