How severe is CVE-2022-3704?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2022-3704?

This is classified as CWE-707, which is a common weakness in software security.

CVE-2022-3704

MEDIUM Year: 2022

CVSS v3 Score

5.4

Medium

Weakness Type

CWE-707

View all →

Vulnerability Description

A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The real existence of this vulnerability is still doubted at the moment. The name of the patch is be177e4566747b73ff63fd5f529fab564e475ed4. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-212319. NOTE: Maintainer declares that there isn’t a valid attack vector. The issue was wrongly reported as a security vulnerability by a non-member of the Rails team.

CVE-2020-11026

MEDIUM

CVSS:5.4(Medium)

In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user with...

CWE-7072020

CVE-2020-11030

MEDIUM

CVSS:5.4(Medium)

In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ...

CWE-7072020

CVE-2020-36609

MEDIUM

CVSS:5.4(Medium)

A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler...

CWE-7072020

CVE-2022-3333

MEDIUM

CVSS:5.4(Medium)

A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4. Affected is an unknown function of the file /v1/tasks/create/ of the component REST Call Handler....

CWE-7072022

CVE-2022-3434

MEDIUM

CVSS:5.4(Medium)

A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been rated as problematic. Affected by this issue is the function prepare of the file /Admin/add-student.php. The...

CWE-7072022

CVE-2022-3452

MEDIUM

CVSS:5.4(Medium)

A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation o...

CWE-7072022

CVE-2022-3704

Vulnerability Description

Related Vulnerabilities

CVE-2020-11026

CVE-2020-11030

CVE-2020-36609

CVE-2022-3333

CVE-2022-3434

CVE-2022-3452