CVE-2022-48085

medium

Description

Softr v2.0 was discovered to contain a HTML injection vulnerability via the Work Space Name parameter.

References

https://www.softr.io/

https://studio.softr.io/dashboard

https://isaghojaria.medium.com/softr-v2-0-was-discovered-to-contain-a-html-injection-vulnerability-via-the-work-space-name-d0152e1cff51

http://softr.com

http://google.com

Details

Source: Mitre, NVD

Published: 2023-02-06

Updated: 2023-02-13

Risk Information

CVSS v2

Base Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium