Security for everyone

CVE-2022-32772 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in WWBN AVideo affects v. 11.6 and dev master commit 3f7c0364.

SCAN NOW

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Source

-

WWBN AVideo is a video streaming and sharing platform that is designed to cater to small, medium, and large enterprises. This platform allows users to upload, stream, and share videos online, making it an important tool for companies engaging in digital marketing. With its user-friendly interface, businesses can create catchy videos that are easy to share on different social media platforms. WWBN AVideo provides a robust environment for video creation, editing, and distribution, making it an ideal platform for enterprises looking to enhance their online visibility.

Recently, a security vulnerability known as CVE-2022-32772 has been detected in WWBN AVideo version 11.6 and dev master commit 3f7c0364. This vulnerability arises from the footer alerts functionality of the platform, which is prone to cross-site scripting (XSS). The code targeted by the attack is the "msg" parameter, which is injected into the webpage without proper sanitization. This makes it possible for attackers to run arbitrary JavaScript code on the victim's browser.

When exploited, CVE-2022-32772 can lead to the theft of user credentials, unauthorized access to sensitive data, and injection of malicious code into the database. With access to the user's account, an attacker can execute various malicious activities such as uploading malware or stealing sensitive data. In addition, the vulnerability can lead to the hijacking of user sessions, enabling an attacker to gain control of a victim's browser. This can lead to a range of malicious activities including theft of sensitive information and unauthorized access to the victim's device.

In conclusion, it is important for enterprises to remain vigilant against the ever-increasing threat landscape. Thanks to the pro features of Securityforeveryone.com, organizations can easily and quickly identify vulnerabilities in their digital assets. This platform offers comprehensive vulnerability scans that help businesses to identify their security gaps and take proactive steps to prevent attacks. With the right security strategy and toolset, it is possible to mitigate the risks posed by vulnerabilities like CVE-2022-32772 and safeguard organizations against cyber threats.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture