CVE-2022-3958 Information

Description

Cross-site Scripting (XSS) vulnerability in BlueSpiceUserSidebar extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users. This allows for targeted attacks.

Reference

https://en.wiki.bluespice.com/wiki/Security:Security_Advisories/BSSA-2022-07