CVE-2022-23321: XSS
First published: Thu Feb 10 2022(Updated: )
A persistent cross-site scripting (XSS) vulnerability exists on two input fields within the administrative panel when editing users in the XMPie UStore application on version 12.3.7244.0.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xerox Xmpie Ustore | =12.3.7244.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-23321.
What is the severity of CVE-2022-23321?
The severity of CVE-2022-23321 is medium with a severity value of 4.8.
What is the affected software version of CVE-2022-23321?
The affected software version of CVE-2022-23321 is XMPie UStore version 12.3.7244.0.
What is the CWE ID associated with CVE-2022-23321?
The CWE ID associated with CVE-2022-23321 is CWE-79.
How can I fix the persistent cross-site scripting vulnerability in XMPie UStore?
To fix the persistent cross-site scripting vulnerability in XMPie UStore, apply the latest security patch or update to a version that addresses the vulnerability.
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/event
- agent/weakness
- agent/type
- agent/description
- agent/tags
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/xerox
- canonical/xerox xmpie ustore
- version/xerox xmpie ustore/12.3.7244.0