{ "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-2020", "TITLE": "SourceCodester Prison Management System System Name cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" }, "generator": "vuldb.com", "affects": { "vendor": { "vendor_data": [ { "vendor_name": "SourceCodester", "product": { "product_data": [ { "product_name": "Prison Management System", "version": { "version_data": [ { "version_value": "1.0" } ] } } ] } } ] } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross Site Scripting" } ] } ] }, "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=system_info of the component System Name Handler. The manipulation with the input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] }, "impact": { "cvss": { "version": "3.1", "baseScore": "2.4", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { "url": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(XSS).md", "refsource": "MISC", "name": "https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System(XSS).md" }, { "url": "https://vuldb.com/?id.201368", "refsource": "MISC", "name": "https://vuldb.com/?id.201368" } ] } }