cvedb.io
CVE-2022-39813
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2023-01-27T22:15:08.470 · Last modified 2026-06-17T04:58:21.637

Summary

Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under NMSCIWebGui/j_security_check via the j_username parameter, or NMSCIWebGui/actloglineview.jsp via the name or actLine parameter. An attacker leveraging this vulnerability could inject arbitrary JavaScript. The payload would then be triggered every time an authenticated user browses the page containing it.

Affected products

italtel — netmatch-s_ci

Does this affect you?

Add your gear to cvedb and we'll alert you only when italtel ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.