cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-23321,https://securityvulnerability.io/vulnerability/CVE-2022-23321,Persistent Cross-Site Scripting Vulnerability in XMPie UStore by XMPie,"A persistent cross-site scripting (XSS) vulnerability poses significant security risks within the XMPie UStore application. This flaw exists in two input fields located in the administrative panel where user details can be edited. An attacker could exploit this vulnerability to inject malicious scripts, compromising the integrity of the application and potentially gaining unauthorized access to sensitive data. It is crucial for administrators of XMPie UStore version 12.3.7244.0 to apply necessary security measures and updates to mitigate this security risk.",Xerox,Xmpie Ustore,4.8,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2022-02-10T18:11:16.000Z,0
CVE-2022-23320,https://securityvulnerability.io/vulnerability/CVE-2022-23320,SQL Injection Vulnerability in XMPie uStore by XMPie,"XMPie uStore version 12.3.7244.0 contains a security vulnerability that allows authenticated administrators to execute raw SQL queries. The presence of default administrative credentials facilitates unauthorized access, enabling potential attackers to exfiltrate sensitive information from the database. This poses a significant risk to data confidentiality and integrity, underscoring the importance of secure configuration and proper credential management.",Xerox,Xmpie Ustore,7.5,HIGH,0.002309999894350767,false,,false,false,false,,,false,false,,2022-02-07T10:47:33.000Z,0