CVE-2022-4347

LOW

xiandafu beetl-bbs - XSS

Title source: llm

Description

A vulnerability was found in xiandafu beetl-bbs and has been classified as problematic. It affects an unknown functionality of the file WebUtils.java. Manipulation of the argument user leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215107.

Exploits (1)

gitee 546 stars
by xiandafu · javawriteup
https://gitee.com/xiandafu/beetl-bbs/issues/I5XD5O

Scores

CVSS v3 3.5
EPSS 0.0018
EPSS Percentile 39.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE CWE-707
Status published
Products (1)
beetl-bbs_project/beetl-bbs
Published Dec 08, 2022
Tracked Since Feb 18, 2026