CVE-2022-4966

LOW

Sequentech admin-console <6.1.7 - XSS

Title source: llm
STIX 2.1

Description

A vulnerability was found in sequentech admin-console up to 6.1.7 and classified as problematic. Affected by this issue is some unknown functionality of the component Election Description Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 7.0.0-beta.1 is able to address this issue. The patch is identified as 0043a6b1e6e0f5abc9557e73f9ffc524fc5d609d. It is recommended to upgrade the affected component. VDB-258782 is the identifier assigned to this vulnerability.

References (6)

Core 6

Scores

CVSS v3 3.5
EPSS 0.0046
EPSS Percentile 36.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (8)
sequentech/admin-console 6.1.0
sequentech/admin-console 6.1.1
sequentech/admin-console 6.1.2
sequentech/admin-console 6.1.3
sequentech/admin-console 6.1.4
sequentech/admin-console 6.1.5
sequentech/admin-console 6.1.6
sequentech/admin-console 6.1.7
Published Apr 01, 2024
Tracked Since Feb 18, 2026