CVE-2022-4353

LOW

LinZhaoguan pb-cms 2.0 - XSS

Title source: llm

Description

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215113 was assigned to this vulnerability.

Exploits (1)

gitee 1,410 stars

by LinZhaoguan · javawriteup

https://gitee.com/LinZhaoguan/pb-cms/issues/I52422

References (2)

[Exploit, Issue Tracking, Third Party Advisory] https://gitee.com/LinZhaoguan/pb-cms/issues/I52422

[Third Party Advisory] https://vuldb.com/?id.215113

Scores

CVSS v3 3.5

EPSS 0.0029

EPSS Percentile 51.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Classification

CWE

CWE-79 CWE-707

Status published

Affected Products (1)

pb-cms_project/pb-cms

Timeline

Published Dec 08, 2022

Tracked Since Feb 18, 2026