GHSA-f92p-f8r2-c87q
Suggest an improvement- Source
- https://github.com/advisories/GHSA-f92p-f8r2-c87q
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-f92p-f8r2-c87q/GHSA-f92p-f8r2-c87q.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-f92p-f8r2-c87q
- Aliases
- Published
- 2022-11-03T12:00:30Z
- Modified
- 2023-11-08T04:03:48.216937Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- Tribal Systems Zenario CMS vulnerable to Cross-site Scripting
- Details
-
A vulnerability has been found in Tribal Systems Zenario CMS prior to version 8.5.51340. Affected by this issue is some unknown functionality of the file
admin_organizer.jsof the componentError Log Module. The manipulation leads to cross site scripting. The attack may be launched remotely. The issue is patched in version 8.5.51340. - Database specific
{ "nvd_published_at": "2022-11-02T19:15:00Z", "github_reviewed_at": "2022-11-03T18:15:02Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-79" ] }- References
Affected packages
Packagist / tribalsystems/zenario
Package
- Name
- tribalsystems/zenario
- Purl
- pkg:composer/tribalsystems/zenario
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.5.51340
Affected versions
7.*
7.5.40440
7.5.41006
7.5.41499
7.5.41633
7.5.42085
7.5.42990
7.5.47180
7.6.41504
7.6.41633
7.6.42085
7.6.42990
7.6.47180
7.7.42682
7.7.42963
7.7.42990
7.7.44223
7.7.47180
7.7.47369
7.7.48583
8.*
8.0.44237
8.0.44273
8.0.44294
8.0.44521
8.0.45032
8.0.45250
8.0.45529
8.0.47180
8.0.48583
8.1.45530
8.1.45698
8.1.46089
8.1.46433
8.1.46615
8.1.47180
8.1.47369
8.1.48583
8.2.46436
8.2.46614
8.2.47180
8.2.47369
8.2.47992
8.2.48583
8.3.47997
8.3.48583
8.3.50564
8.4.50565
8.4.51340
8.5.50567
8.5.50837