SYNEL - eharmony Authenticated Blind & Stored XSS Vulnerability
CVE-2022-22791 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system.
Learn more about our Web Application Penetration Testing UK.