CVE-2022-42992Medium· 5.4▾ SunlitMultiple stored cross-site scripting (XSS) vulnerabilities in Train Scheduler App v1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Train Code, Train Name, and Destination text fields.
▾ Sunlit zone — Low / medium · no exploitation signal
impact 29.7 · likelihood 0.1 · exploitation 0
The latest CVEs are free to read. CVE-2022-42992 is outside the free window — sign in (free) to view the full technical detail, affected versions, references, and raw markdown.