CVE-2022-46332

The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.
Configurations

Configuration 1 (hide)

cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:30

Type Values Removed Values Added
References () https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0002 - Vendor Advisory () https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0002 - Vendor Advisory

07 Nov 2023, 03:55

Type Values Removed Values Added
Summary The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below. The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.

Information

Published : 2022-12-06 20:15

Updated : 2024-11-21 07:30


NVD link : CVE-2022-46332

Mitre link : CVE-2022-46332

CVE.ORG link : CVE-2022-46332


JSON object : View

Products Affected

proofpoint

  • enterprise_protection
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')