CVE-2022-38146
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-38146
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Silverstripe silverstripe/framework through 4.11 allows XSS (issue 2 of 3).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Silverstripe CMS 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Silverstripe CMS是新西兰Silverstripe公司的一个应用软件。通过创建数字化变革平台来授权强大的数字团队。 Silverstripe CMS 4.12.0 之前版本存在跨站脚本漏洞,该漏洞源于使用 jQuery 1.7.2,此版本的 jQuery 受到CVE-2019-11358 Object.prototype 污染的影响,攻击者利用该漏洞可以通过使用特制__proto__查询字符串参数诱使用户访问链接来执行 XSS 攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2022-38146
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-38146
请登录查看更多情报信息。
Same Patch Batch · n/a · 2022-11-21 · 42 CVEs total
| CVE-2022-44788 | Maggioli SpA Appalti & Contratti 授权问题漏洞 | |
| CVE-2022-44175 | Tenda AC18 安全漏洞 | |
| CVE-2022-44176 | Tenda AC18 安全漏洞 | |
| CVE-2022-44177 | Tenda AC18 安全漏洞 | |
| CVE-2022-44178 | Tenda AC18 安全漏洞 | |
| CVE-2022-44180 | Tenda AC18 安全漏洞 | |
| CVE-2022-44183 | Tenda AC18 安全漏洞 | |
| CVE-2022-44784 | Maggioli SpA Appalti & Contratti 安全漏洞 | |
| CVE-2022-44785 | Maggioli SpA Appalti & Contratti SQL注入漏洞 | |
| CVE-2022-44786 | Maggioli SpA Appalti & Contratti 安全漏洞 | |
| CVE-2022-44787 | Maggioli SpA Appalti & Contratti 跨站脚本漏洞 | |
| CVE-2022-44174 | Tenda AC18 安全漏洞 | |
| CVE-2022-44830 | Event Registration App 安全漏洞 | |
| CVE-2022-45012 | WBCE CMS 跨站脚本漏洞 | |
| CVE-2022-45013 | WBCE CMS 跨站脚本漏洞 | |
| CVE-2022-45014 | WBCE CMS 跨站脚本漏洞 | |
| CVE-2022-45015 | WBCE CMS 跨站脚本漏洞 | |
| CVE-2022-45016 | WBCE CMS 跨站脚本漏洞 | |
| CVE-2022-45017 | WBCE CMS 跨站脚本漏洞 | |
| CVE-2022-45146 | Bouncy Castle BC 资源管理错误漏洞 |
Showing top 20 of 42 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2022-38146
No comments yet