No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-45810 | CandidATS version 3.0.0 on 'sortBy' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. This is possible because the application application does not properly validate user input against XSS attacks. |
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Mon, 05 May 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: Fluid Attacks
Published:
Updated: 2025-05-05T13:16:48.736Z
Reserved: 2022-10-10T00:00:00.000Z
Link: CVE-2022-42747
Updated: 2024-08-03T13:10:41.428Z
Status : Modified
Published: 2022-11-03T20:15:32.617
Modified: 2026-06-17T05:05:13.890
Link: CVE-2022-42747
No data.
OpenCVE Enrichment
No data.
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD