S4E

CVE-2022-31299 Scanner

Detects a cross-site scripting (XSS) vulnerability in Haraj that affects v3.7.

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 4 weeks
Scan only one: URL
Toolbox: -

Haraj is a popular software application that facilitates online marketplaces in the Middle Eastern region. Launched in 2011, the platform serves as a hub for buyers and sellers to engage in commerce in a safe and efficient manner. The application is available on both iOS and Android, and it also has a website that customers can access from their web browsers. With Haraj, users can buy and sell anything from cars, mobile phones and furniture to real estate properties.

CVE-2022-31299 was recently detected in the Haraj v3.7 software application. It is a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form. In a reflected XSS attack, an attacker injects malicious code into a web page, and the otherwise legitimate website sends that code to the victim's browser. The vulnerability allows attackers to execute malicious code by tricking the victim into clicking a link that contains the code.
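The reflection described above can be checked for on a page you own by submitting an inert marker and seeing which HTML metacharacters come back unencoded. The following is an added example, not code from S4E or Haraj; the field name `plan`, the markup and the three render functions are constructed stand-ins for a form page that echoes user input.

```python
import html
import secrets

# Constructed stand-ins for a page that echoes a form field back to the user.
# The field name "plan" and the markup are assumptions, not Haraj's code.
def render_vulnerable(plan):
    # Request value is reflected into attribute and text contexts as-is.
    return f'<input name="plan" value="{plan}"><p>Selected: {plan}</p>'

def render_tags_only(plan):
    # Incomplete fix: angle brackets encoded, quotes left raw, so the
    # value can still break out of the value="..." attribute.
    partial = plan.replace("<", "&lt;").replace(">", "&gt;")
    return f'<input name="plan" value="{partial}"><p>Selected: {partial}</p>'

def render_fixed(plan):
    # html.escape with quote=True encodes & < > " and '.
    safe = html.escape(plan, quote=True)
    return f'<input name="plan" value="{safe}"><p>Selected: {safe}</p>'

METACHARS = "\"'<>"

def reflection_check(render, token=None):
    """Submit an inert marker and report which HTML metacharacters come
    back unencoded. Each character is wrapped in the token on both sides so
    quotes that belong to the template are not mistaken for reflected ones."""
    token = token or "probe" + secrets.token_hex(6)
    probe = token + "".join(ch + token for ch in METACHARS)
    body = render(probe)
    raw = "".join(ch for ch in METACHARS if f"{token}{ch}{token}" in body)
    return {"reflected": token in body, "raw_metachars": raw}

if __name__ == "__main__":
    for fn in (render_vulnerable, render_tags_only, render_fixed):
        print(fn.__name__, reflection_check(fn))
```

An empty `raw_metachars` with `reflected` set to true means the value is echoed but encoded for both the attribute and text contexts; any surviving character marks the output path that still needs encoding.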

Exploiting this vulnerability can give attackers unauthorized access to a user's personal data, including sensitive information such as bank details and login credentials. Once attackers have access, they can steal, destroy or manipulate this information for their own purposes, such as identity theft or financial fraud. This can cause severe harm to the victim and potentially lead to disastrous consequences.

Thanks to the pro features of the s4e.io platform, users can stay up to date with the latest developments in cybersecurity. By accessing this platform, they can easily and quickly learn about any vulnerabilities present in their digital assets. This will help them protect against unforeseen cyberattacks and ensure their online safety and security.
