First published: Thu Feb 10 2022(Updated: )
A persistent cross-site scripting (XSS) vulnerability exists on two input fields within the administrative panel when editing users in the XMPie UStore application on version 12.3.7244.0.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xerox Xmpie Ustore | =12.3.7244.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2022-23321.
The severity of CVE-2022-23321 is medium with a severity value of 4.8.
The affected software version of CVE-2022-23321 is XMPie UStore version 12.3.7244.0.
The CWE ID associated with CVE-2022-23321 is CWE-79.
To fix the persistent cross-site scripting vulnerability in XMPie UStore, apply the latest security patch or update to a version that addresses the vulnerability.