[MAVEN:GHSA-6RVV-H8G7-728W] Mingsoft MCMS Cross-site Scripting vulnerability

Severity Moderate

Affected Packages 1

CVEs 1

A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499.

Package	Affected Version
pkg:maven/net.mingsoft/ms-mcms	<= 5.2.9

ID: MAVEN:GHSA-6RVV-H8G7-728W
Severity: moderate
URL: https://github.com/advisories/GHSA-6rvv-h8g7-728w
Published: 2022-12-22T00:30:36
(21 months ago)
Modified: 2023-01-29T05:06:34
(19 months ago)
Rights: Maven Security Team

Source	# ID	Name	URL
			https://nvd.nist.gov/vuln/detail/CVE-2022-4640
			https://gitee.com/mingSoft/MCMS/issues/I65KI5
			https://vuldb.com/?id.216499
			https://github.com/advisories/GHSA-6rvv-h8g7-728w

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:maven/net.mingsoft/ms-mcms	net.mingsoft	ms-mcms	<= 5.2.9

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date