SYNEL - eharmony Authenticated Blind & Stored XSS Vulnerability

SYNEL - eharmony Authenticated Blind & Stored XSS Vulnerability

CVE-2022-22791 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system.

Learn more about our Web Application Penetration Testing UK.