A vulnerability was found in Simple History Plugin. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213785 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://drive.google.com/file/d/142cPciqIhNbfKhhxIwbrYFTegLvnwin_/view | Exploit Third Party Advisory |
https://drive.google.com/file/d/1AJXip8UG_ADbxtokPzAb61-lEg-xLebZ/view | Exploit Third Party Advisory |
https://vuldb.com/?id.213785 | Permissions Required Third Party Advisory |
Configurations
History
27 Jun 2023, 19:28
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-707 CWE-74 |
CWE-116 |
Information
Published : 2022-11-16 08:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-4011
Mitre link : CVE-2022-4011
CVE.ORG link : CVE-2022-4011
JSON object : View
Products Affected
simple_history_project
- simple_history