CVE-2022-1592 Information
Jun 07, 2022
cve
Description
Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie request to private area or lead to xss…
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Reference
https://huntr.dev/bounties/352b39da-0f2e-415a-9793-5480cae8bd27 https://github.com/clinical-genomics/scout/commit/b0ef15f4737d0c801154c1991b52ff5cab4f5c83
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
LOW
Base Score
NONE
Base Severity
8.2
Share on: