CVE-2022-29598
MEDIUMSolutions Atlantic Regulatory Reporting System v500 - Reflected Cross-Site Scripting via ShowDocument.aspx
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2022-29598. PoCs published by TheGetch.
AI-analyzed exploit summary This repository contains a proof-of-concept for CVE-2022-29598, a reflected XSS vulnerability in RRS v500 by Solutions Atlantic. The exploit leverages the `fileName` parameter in a GET request to inject JavaScript code, bypassing input sanitization due to reflection in a JavaScript context.
Description
Solutions Atlantic Regulatory Reporting System (RRS) v500 is vulnerable to an reflected Cross-Site Scripting (XSS) vulnerability via RRSWeb/maint/ShowDocument/ShowDocument.aspx .
Exploits (1)
This repository contains a proof-of-concept for CVE-2022-29598, a reflected XSS vulnerability in RRS v500 by Solutions Atlantic. The exploit leverages the `fileName` parameter in a GET request to inject JavaScript code, bypassing input sanitization due to reflection in a JavaScript context.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N