CVE-2022-31299 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in Haraj affects v. 3.7.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Url
Toolbox
-
Haraj is a popular software application that facilitates online marketplaces in the Middle Eastern region. Launched in 2011, the platform serves as a hub for buyers and sellers to engage in commerce in a safe and efficient manner. The application is available on both iOS and Android platforms and also has a website that customers can access from their web browsers. By using Haraj, users can buy and sell anything ranging from cars, mobile phones, furniture to even real estate properties.
The CVE-2022-31299 vulnerability was recently detected in the Haraj v3.7 software application. This vulnerability is a reflected cross-site scripting (XSS) vulnerability that exists in the User Upgrade Form. A reflected XSS attack is a type of cyberattack where an attacker injects malicious code into a web page, which is then sent to a victim's browser through an otherwise legitimate website. The vulnerability code allows hackers to execute malicious code by tricking the victim into clicking a link that contains the code.
Exploiting this vulnerability can lead to attackers gaining unwarranted access to a user's personal data, including sensitive information such as bank details and login credentials. Once the attacker gains access, they can steal, destroy or even manipulate this information for their own purposes, such as identity theft or financial fraud. This can cause severe harm to the victim and potentially lead to disastrous consequences.
Thanks to the pro features of s4e.io platform, users can stay up-to-date with the latest developments in cybersecurity. By accessing this platform, they can easily and quickly learn about any vulnerabilities present in their digital assets. This will help them protect against any unforeseen cyberattacks and ensure their online safety and security.
REFERENCES