No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-45809 | CandidATS version 3.0.0 on 'indexFile' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. This is possible because the application application does not properly validate user input against XSS attacks. |
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Mon, 05 May 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: Fluid Attacks
Published:
Updated: 2025-05-05T13:19:35.880Z
Reserved: 2022-10-10T00:00:00.000Z
Link: CVE-2022-42746
Updated: 2024-08-03T13:10:41.476Z
Status : Modified
Published: 2022-11-03T20:15:32.503
Modified: 2026-06-17T05:05:13.743
Link: CVE-2022-42746
No data.
OpenCVE Enrichment
No data.
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD