Security Advisory

CVE-2022-3958

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-15 14:24:49

Last updated 2025-04-29 20:09:39

Assigner HW

State PUBLISHED

Description

Cross-site Scripting (XSS) vulnerability in BlueSpiceUserSidebar extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users. This allows for targeted attacks.

← Browse all CVEs View on cve.org ↗