Lucene search
China National Vulnerability DatabaseCNVD-2022-58957HistoryJun 21, 2022 - 12:00 a.m.
InvenTree Cross-Site Scripting Vulnerability
2022-06-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
21.4%
InvenTree is InvenTree open source an open source inventory management system . A cross-site scripting vulnerability exists in InvenTree versions prior to 0.7.2, which stems from the application’s lack of filtering and escaping for parameter data. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| inventree inventree | lt | 0.7.2 |
Related
huntr
huntr
Stored XSS in Part Description
2022-06-11 08:44:40
osv
osv
CVE-2022-2113
2022-06-17 13:15:13
cve
cve
CVE-2022-2113
2022-06-17 13:15:13
prion
prion
Cross site scripting
2022-06-17 13:15:00
cvelist
cvelist
CVE-2022-2113 Cross-site Scripting (XSS) - Stored in inventree/inventree
2022-06-17 10:20:10
nvd
nvd
CVE-2022-2113
2022-06-17 13:15:13
fedora
fedora
[SECURITY] Fedora 36 Update: microcode_ctl-2.1-51.fc36
2022-05-12 01:13:57
[SECURITY] Fedora 35 Update: microcode_ctl-2.1-47.3.fc35
2022-05-12 01:20:54
[SECURITY] Fedora 34 Update: microcode_ctl-2.1-46.3.fc34
2022-05-19 01:01:19