CVE-2022-4554

B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347.

medium 5.4 CVSS 3.1

Published: Jan 24, 2023

Modified: May 20, 2026

Description

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0022
https://www.usom.gov.tr/bildirim/tr-23-0022
https://www.usom.gov.tr/bildirim/tr-23-0022

CVSS Breakdown

Version	3.1
Score	5.4 / 10
Severity	medium

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Weakness (CWE)

CWE-79

Affected Product

Vendor	Idyazilim
Product	B2B Dealer Order System