Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2022-4640 Vulnerability in maven package net.mingsoft:ms-mcms

Description

A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499.

Remediation

References

https://gitee.com/mingSoft/MCMS/issues/I65KI5

https://vuldb.com/?id.216499

Related Vulnerabilities

CVE-2017-16164 Vulnerability in npm package desafio

CVE-2023-36472 Vulnerability in npm package @strapi/admin

CVE-2020-35210 Vulnerability in maven package io.atomix:atomix

CVE-2021-31805 Vulnerability in maven package org.apache.struts:struts2-core

CVE-2021-45105 Vulnerability in maven package org.apache.logging.log4j:log4j-core

Severity

Medium

Classification

CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Exploit Issue Tracking Third Party Advisory