CVE-2022-0157

medium

Description

phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

References

Advisories
More

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/

https://github.com/phoronix-test-suite/phoronix-test-suite/commit/56fd0a3b69fb33c1c90a6017ed735889aaa59486

https://huntr.dev/bounties/2c0fe81b-0977-4e1e-b5d8-7646c9a7ebbd

Details

Source: Mitre, NVD

Published: 2022-01-10

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.0048