No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-45811 | CandidATS version 3.0.0 on 'sortDirection' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. This is possible because the application application does not properly validate user input against XSS attacks. |
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Mon, 05 May 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: Fluid Attacks
Published:
Updated: 2025-05-05T13:15:18.432Z
Reserved: 2022-10-10T00:00:00.000Z
Link: CVE-2022-42748
Updated: 2024-08-03T13:10:41.436Z
Status : Modified
Published: 2022-11-03T20:15:32.727
Modified: 2026-06-17T05:05:14.033
Link: CVE-2022-42748
No data.
OpenCVE Enrichment
No data.
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD