Published: 06/01/2023 Updated: 11/01/2023

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 0

A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module.

Vulnerable Product	Search on Vulmon	Subscribe to Product
maccms maccms 10.0

maccms admin+ xss attacks

CVE-2022-44870 maccms admin+ xss attacks Overview Manufacturer's website information：maccmspro Source code download address ： githubcom/maccmspro/maccms10git Affected version: V202110002000 2Vulnerability details maccmspro/maccms10#23 Go to background, go to Basics > AD Management > Name, Insert payload1 in the name box: It can

maccms admin+ xss attacks

CVE-2022-44870 maccms admin+ xss attacks Overview Manufacturer's website information：maccmspro Source code download address ： githubcom/maccmspro/maccms10git Affected version: V202110002000 2Vulnerability details maccmspro/maccms10#23 Go to background, go to Basics > AD Management > Name, Insert payload1 in the name box: It can

CWE-79 https://github.com/Cedric1314/CVE-2022-44870/blob/main/README.md https://github.com/magicblack/maccms10/issues/986 https://nvd.nist.gov https://github.com/Cedric1314/CVE-2022-48870

CVE-2022-44870

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect