Reflected Cross-Site Scripting Vulnerability (CVE-2022-38110)

Summary

In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting.

Affected Products

  • Database Performance Analyzer 2022.4

Fixed Software Release

Advisory Details
Severity
Medium
Advisory ID

CVE-2022-38110

First Published
01/18/2023
Fixed Version

Database Performance Analyzer 2023.1

CVSS Score

CVSS:3.1/ AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Download PDF
Send an Email