CVE-2022-41472: n/a in n/a
74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.
AI Analysis
Technical Summary
CVE-2022-41472 is a cross-site scripting (XSS) vulnerability in 74cmsSE version 3.12.0, specifically in the /apiadmin/notice/add component. It arises because the Title field is neither adequately validated on input nor encoded on output, so an attacker can inject crafted script or HTML. When a victim user accesses the affected functionality or page, the injected script executes in that user's browser context, potentially leading to session hijacking, credential theft, or unauthorized actions performed on the user's behalf. Exploitation requires low privileges (PR:L) and user interaction (UI:R), for example an authenticated user viewing the injected content or being tricked into visiting a malicious link. The CVSS v3.1 base score is 5.4 (medium severity), reflecting a network attack vector (AV:N), low attack complexity (AC:L), low privileges required, user interaction required, and a scope change (S:C): the injected script runs in the victim's browser, which is a different security authority from the vulnerable server component. The impact is on confidentiality and integrity but not availability. No public exploits have been reported and no patches are currently linked, so mitigation may rely on configuration or input validation improvements by administrators or developers.
Potential Impact
For European organizations, this vulnerability poses a moderate risk primarily to web applications running 74cmsSE v3.12.0 or similar components. Successful exploitation could lead to unauthorized disclosure of sensitive information, session hijacking, or manipulation of web content, undermining user trust and potentially enabling further attacks such as phishing or privilege escalation. Organizations in sectors with high regulatory scrutiny, such as finance, healthcare, or government, may face compliance risks if user data confidentiality is compromised. Additionally, the scope change in the CVSS vector indicates that the vulnerability can affect components or users beyond the initial target, increasing the potential damage. However, the requirement for user interaction and low privileges (PR:L) limits the ease of exploitation, somewhat reducing the overall threat level. Nonetheless, attackers targeting European entities with web-facing 74cmsSE installations could leverage this vulnerability for targeted attacks or lateral movement within networks.
Mitigation Recommendations
To mitigate CVE-2022-41472, European organizations should first identify any deployments of 74cmsSE v3.12.0 or related components. Since no official patches are currently linked, immediate mitigation should focus on strict input validation and, above all, context-appropriate output encoding of the Title field submitted to the /apiadmin/notice/add endpoint, so that injected markup is rendered as text rather than executed. Web application firewalls (WAFs) can be configured to detect and block typical XSS payloads targeting this endpoint; this is a compensating control rather than a fix. Additionally, enforcing the principle of least privilege limits the number of accounts able to submit notice content, which narrows the exposure created by the low-privilege requirement (PR:L). Organizations should also educate users and administrators about the risks of interacting with untrusted inputs and monitor logs for suspicious activity related to this API endpoint. Regular security assessments and code reviews focusing on injection vulnerabilities will help prevent similar issues. Finally, organizations should stay alert for vendor patches or updates addressing this vulnerability and apply them promptly once available.
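The following Python script is an added illustration of the three mitigation points above (output encoding, input validation, and log review for the endpoint). It is not code from 74cmsSE, whose real implementation is not shown on this page; the function names, the length limit, the application-log format and the log lines are constructed assumptions. It shows the unencoded rendering pattern that produces the stored XSS beside its encoded form, a server-side validator for the Title value, and a check that flags notice submissions whose decoded Title contains HTML tag or event-handler syntax.

```python
"""Defensive handling of the notice Title field for /apiadmin/notice/add.

Added illustration, not 74cmsSE code. Names, limits and log format are assumed.
"""
import html
import re
import unicodedata
from urllib.parse import unquote_plus

# Assumed policy value for this illustration, not a 74cmsSE setting.
TITLE_MAX_LEN = 120


def render_notice_unsafe(title: str) -> str:
    """The pattern that produces stored XSS: the Title is concatenated into
    HTML without encoding, so browser-significant characters survive intact."""
    return f'<h2 class="notice-title">{title}</h2>'


def render_notice_safe(title: str) -> str:
    """Hardened form: HTML-encode at the output boundary so '<', '>', '&',
    '"' and "'" become entities and the Title can only render as text."""
    return f'<h2 class="notice-title">{html.escape(title, quote=True)}</h2>'


def validate_title(title: str) -> tuple[bool, str]:
    """Server-side input validation for the Title field.

    Returns (accepted, normalized_title). Validation complements output
    encoding; it does not replace it, because the stored value may later be
    rendered in other contexts (attributes, JavaScript, e-mail templates).
    """
    normalized = unicodedata.normalize("NFKC", title).strip()
    if not normalized:
        return False, ""
    if len(normalized) > TITLE_MAX_LEN:
        return False, normalized
    # Reject control characters; a notice title has no legitimate need for them.
    if any(unicodedata.category(ch).startswith("C") for ch in normalized):
        return False, normalized
    return True, normalized


# Constructed application-log lines in an assumed key=value format. Access
# logs usually omit POST bodies, so this check presumes the application logs
# the submitted Title (or that a WAF/audit log does).
SAMPLE_LOG = [
    '2025-05-20T18:59:07Z user=admin ip=10.0.0.5 endpoint=/apiadmin/notice/add title="Maintenance window Friday"',
    '2025-05-20T19:02:11Z user=editor ip=10.0.0.9 endpoint=/apiadmin/notice/add title="%3Cscript%3Ealert(1)%3C%2Fscript%3E"',
    '2025-05-20T19:05:30Z user=admin ip=10.0.0.5 endpoint=/apiadmin/notice/list',
    '2025-05-20T19:07:45Z user=editor ip=10.0.0.9 endpoint=/apiadmin/notice/add title="Q3 results &amp; outlook"',
]

LOG_FIELDS = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) ip=(?P<ip>\S+) endpoint=(?P<endpoint>\S+)"
    r'(?: title="(?P<title>[^"]*)")?$'
)

# Tag openers, javascript: URLs and on*= handlers after URL-decoding. This is a
# triage heuristic for review, not a complete XSS filter.
SUSPICIOUS_TITLE = re.compile(r"<\s*/?[a-z!]|javascript:|\bon[a-z]+\s*=", re.IGNORECASE)

NOTICE_ADD_ENDPOINT = "/apiadmin/notice/add"


def flag_suspicious_notice_requests(lines: list[str]) -> list[dict]:
    """Return the notice/add submissions whose decoded Title looks like markup."""
    hits = []
    for line in lines:
        m = LOG_FIELDS.match(line)
        if not m or m.group("endpoint") != NOTICE_ADD_ENDPOINT:
            continue
        title = unquote_plus(m.group("title") or "")
        if SUSPICIOUS_TITLE.search(title):
            hits.append({"ts": m.group("ts"), "user": m.group("user"),
                         "ip": m.group("ip"), "title": title})
    return hits


if __name__ == "__main__":
    probe = "<script>alert(1)</script>"
    print("unsafe:", render_notice_unsafe(probe))
    print("safe:  ", render_notice_safe(probe))
    print("valid: ", validate_title("  Maintenance window Friday "))
    for hit in flag_suspicious_notice_requests(SAMPLE_LOG):
        print("review:", hit)
```

The entity-encoded fourth log line (`&amp;`) is deliberately not flagged: it is what a correctly encoded Title looks like, and the heuristic is meant to surface raw markup reaching the endpoint, not every non-alphanumeric character.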
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-09-26T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0fb1484d88663aec82d
Added to database: 5/20/2025, 6:59:07 PM
Last enriched: 7/6/2025, 1:11:00 PM
Last updated: 8/17/2025, 12:13:44 AM
Views: 11
Related Threats
CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR (Critical)
CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server (High)
CVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
CVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
CVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server (Medium)