CVE-2022-25575

Multiple cross-site scripting (XSS) vulnerabilities in Parking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via crafted payloads injected into the user name, password, and verification code text boxes.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
hongmenparking_management_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/gou-web/Parking-management-systemXSS-/blob/main/README.md
https://github.com/gou-web/Parking-management-systemXSS-/blob/main/README.md