CVE-2022-50963 in uBidAuctionИнформация

Сводка

по MITRE • 10.05.2026

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The date_created, date_from, date_to, and created_at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests that execute in victims' browsers.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulnCheck

Резервировать

11.01.2026

Раскрытие

10.05.2026

Модерация

принято

Вход

VDB-362535

CPE

готов

CWE

CWE-79 (Подтверждённый)

Эксплойт

Скачать

CVSS

6.1 (CNA)

EPSS

0.00042

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-50963
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-50963
CVE Details	https://www.cvedetails.com/cve/CVE-2022-50963/

◂ Предыдущий Обзор Далее ▸

Want to know what is going to be exploited?

We predict KEV entries!