Oc Server3
CVE-2022-4585
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
A vulnerability classified as problematic has been found in Opencaching Deutschland oc-server3. This affects an unknown part of the file htdocs/templates2/ocstyle/start.tpl of the component Cookie Handler. The manipulation of the argument usercountryCode leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is c720f2777a452186c67ef30db3679dd409556544. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216171.
AnalysisAI
A vulnerability classified as problematic has been found in Opencaching Deutschland oc-server3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-707. A vulnerability classified as problematic has been found in Opencaching Deutschland oc-server3. This affects an unknown part of the file htdocs/templates2/ocstyle/start.tpl of the component Cookie Handler. The manipulation of the argument usercountryCode leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is c720f2777a452186c67ef30db3679dd409556544. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216171. Affected products include: Oc-Server3 Project Oc-Server3.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Oc Server3
View allA vulnerability classified as problematic was found in Opencaching Deutschland oc-server3. Rated medium severity (CVSS 6
A vulnerability, which was classified as problematic, was found in Opencaching Deutschland oc-server3. Rated medium seve
A vulnerability, which was classified as problematic, has been found in Opencaching Deutschland oc-server3.tpl of the co
Same weakness CWE-707 – Improper Neutralization
View allShare
External POC / Exploit Code
Leaving vuln.today