CVE-2022-4960

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-4960

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4960.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-4960

Published

2024-01-12T03:15:08.683Z

Modified

2025-11-14T21:23:36.723903Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250238 is the identifier assigned to this vulnerability.

References

Affected packages

Git / github.com/cloudfavorites/favorites-web

Affected ranges

Type: GIT
Repo: https://github.com/cloudfavorites/favorites-web
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d0f11a3b7e9d63bd2a136665a7a52fb5fe2b90d0

Affected versions

favorites-1.*

favorites-1.0.0

favorites-1.0.1

favorites-1.1.0

favorites-1.1.1

favorites-1.2.2

favorites-1.3.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4960.json"