Khalid Adil

3 exploits Active since Feb 2022
CVE-2022-22126 WRITEUP MEDIUM WRITEUP
NASA OpenMCT 1.3.0-1.7.7 - Stored Cross-Site Scripting via Web Page URL Field
Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Web Page” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.
CVSS 6.1
CVE-2022-23053 WRITEUP MEDIUM WRITEUP
NASA OpenMCT 1.3.0-1.7.7 - Stored Cross-Site Scripting via Condition Widget URL Field
Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Condition Widget” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.
CVSS 6.1
CVE-2022-23054 WRITEUP MEDIUM WRITEUP
NASA OpenMCT 1.3.0-1.7.7 - Stored Cross-Site Scripting via Summary Widget URL Field
Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Summary Widget” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.
CVSS 6.1