COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-36180

CVE-2022-36180

Severity
critical
Source
NVD · cve
Published
2022-11-22
CVSS
9.6
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-36180
shame 35/100

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.

Players implicated

fusiondirectory · vendorfusiondirectory · product

Description

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.