Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 24/07/2023 Updated: 02/08/2023

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 0

An issue exists in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /netact/sct filename parameter is used.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nokia netact 22.0.0.62

CWE-79 https://www.gruppotim.it/it/footer/red-team.html https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-28865

Vulnerability Summary

References

Vulmon Search

About

Products

Connect