Security Advisory

CVE-2022-44012

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-25 00:00:00

Last updated 2025-04-15 13:31:58

Assigner mitre

State PUBLISHED

Description

An issue was discovered in /DS/LM_API/api/SelectionService/InsertQueryWithActiveRelationsReturnId in Simmeth Lieferantenmanager before 5.6. An attacker can execute JavaScript code in the browser of the victim if a site is loaded. The victims encrypted password can be stolen and most likely be decrypted.

← Browse all CVEs View on cve.org ↗