Headline
CVE-2022-41434: gist:83553302a1960311c8c4c8cc4a974577
EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
CVE-2022-XXXXX
------------------------------------------
[Suggested description]
EyesOfNetwork web interface 5.3 allows to conduct reflected XSS attacks.
------------------------------------------
[Vulnerability Type]
Cross Site Scripting (XSS)
------------------------------------------
[Vendor of Product]
EyesOfNetwork
------------------------------------------
[Affected Product Code Base]
EyesOfNetwork web interface 5.3
------------------------------------------
[Affected Component]
We found reflected xss at /lilac/main.php
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Attack Vectors]
https://github.com/EyesOfNetworkCommunity/eonweb/issues/117
------------------------------------------
[Reference]
EyesOfNetwork web interface 5.3 (https://github.com/EyesOfNetworkCommunity/eonweb)
------------------------------------------
[Discoverer]
Yuriy Bairov, Dmitriy Tatarov