{"api_version":"1","generated_at":"2026-05-30T13:53:01+00:00","cve":"CVE-2022-30874","urls":{"html":"https://cve.report/CVE-2022-30874","api":"https://cve.report/api/cve/CVE-2022-30874.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-30874","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-30874"},"summary":{"title":"CVE-2022-30874","description":"There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet CMS before 4.5.02.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-06-21 15:15:00","updated_at":"2022-09-13 21:26:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"https://whitehub.net/submissions/2968","name":"https://whitehub.net/submissions/2968","refsource":"MISC","tags":[],"title":"WhiteHub | The Hub for White Hat Hackers","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/nukeviet/nukeviet","name":"https://github.com/nukeviet/nukeviet","refsource":"MISC","tags":[],"title":"GitHub - nukeviet/nukeviet: NukeViet CMS is multi Content Management System. NukeViet CMS is the 1st open source content management system in Vietnam. NukeViet was awarded the Vietnam Talent 2011, the Ministry of Education and Training Vietnam officially encouraged to use.","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://blog.stmcyber.com/vulns/cve-2022-30874/","name":"https://blog.stmcyber.com/vulns/cve-2022-30874/","refsource":"MISC","tags":[],"title":"CVE-2022-30874 - STM Cyber Blog","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-30874","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30874","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"30874","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nukeviet","cpe5":"nukeviet","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-30874","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet CMS before 4.5.02."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://github.com/nukeviet/nukeviet","refsource":"MISC","name":"https://github.com/nukeviet/nukeviet"},{"refsource":"MISC","name":"https://blog.stmcyber.com/vulns/cve-2022-30874/","url":"https://blog.stmcyber.com/vulns/cve-2022-30874/"},{"refsource":"MISC","name":"https://whitehub.net/submissions/2968","url":"https://whitehub.net/submissions/2968"}]}},"nvd":{"publishedDate":"2022-06-21 15:15:00","lastModifiedDate":"2022-09-13 21:26:00","problem_types":["CWE-79"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.3,"impactScore":2.7},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":3.5},"severity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nukeviet:nukeviet:*:*:*:*:*:*:*:*","versionEndExcluding":"4.5.02","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}