A vulnerability was found in Simple History Plugin. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213785 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://drive.google.com/file/d/142cPciqIhNbfKhhxIwbrYFTegLvnwin_/view | Exploit Third Party Advisory |
https://drive.google.com/file/d/1AJXip8UG_ADbxtokPzAb61-lEg-xLebZ/view | Exploit Third Party Advisory |
https://vuldb.com/?id.213785 | Permissions Required Third Party Advisory |
https://drive.google.com/file/d/142cPciqIhNbfKhhxIwbrYFTegLvnwin_/view | Exploit Third Party Advisory |
https://drive.google.com/file/d/1AJXip8UG_ADbxtokPzAb61-lEg-xLebZ/view | Exploit Third Party Advisory |
https://vuldb.com/?id.213785 | Permissions Required Third Party Advisory |
Configurations
History
21 Nov 2024, 07:34
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
References | () https://drive.google.com/file/d/142cPciqIhNbfKhhxIwbrYFTegLvnwin_/view - Exploit, Third Party Advisory | |
References | () https://drive.google.com/file/d/1AJXip8UG_ADbxtokPzAb61-lEg-xLebZ/view - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?id.213785 - Permissions Required, Third Party Advisory |
27 Jun 2023, 19:28
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-707 CWE-74 |
CWE-116 |
Information
Published : 2022-11-16 08:15
Updated : 2024-11-21 07:34
NVD link : CVE-2022-4011
Mitre link : CVE-2022-4011
CVE.ORG link : CVE-2022-4011
JSON object : View
Products Affected
simple_history_project
- simple_history