A cross-site scripting (XSS) vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login.
History

Wed, 16 Apr 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-11-30T23:07:29.206Z

Updated: 2025-04-16T16:05:41.671Z

Reserved: 2022-09-29T14:08:03.147Z

Link: CVE-2022-40204

cve-icon Vulnrichment

Updated: 2024-08-03T12:14:39.899Z

cve-icon NVD

Status : Modified

Published: 2022-12-01T00:15:09.883

Modified: 2024-11-21T07:21:03.743

Link: CVE-2022-40204

cve-icon Redhat

No data.