CVE-2022-46073 - Helmet Store Showroom v1.0 Reflected XSS

less than 1 minute read

Researcher

This vulnerability was discovered by @yuyudhn.

Description

Search page at Helmet Store Showroom v1.0 does not escape the search value, which could allow non-privileged users to perform Cross-Site Scripting attacks. This vulnerability has not been known to be fixed yet.

Details

Detail about software affected by CVE-2022-46073.

Parameter	Description
Software	Helmet Store Showroom
Vendor	oretnom23
Vulnerable Version	v1.0
Classification	Cross-Site Scripting (XSS)
Required privilege	Unauthenticated
Publicly disclosed	2022-12-14

Proof of Concept

References

CVE-2022-46073 - CVE.org
CVE-2022-46073 - NIST NVD
CVE-2022-46073 - Tenable

Share on

Twitter Facebook LinkedIn

Yudha P.