CVE-2022-34550 Information

Description

Sims v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /addNotifyServlet. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notifyInfo parameter.

Reference

https://github.com/rawchen/sims/issues/8 http://cwe.mitre.org/data/definitions/79.html