Lucene search
China National Vulnerability DatabaseCNVD-2022-77818HistoryMay 20, 2022 - 12:00 a.m.
Erudika Para Cross-Site Scripting Vulnerability
2022-05-2000:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
30.2%
Erudika Para is a command-line interface from the Bulgarian company Erudika. cross-site scripting vulnerability exists in versions prior to Erudika Para v1.45.11, which stems from a function in Utils.java that lacks filtering and escaping for user data. An attacker could use this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| erudika erudika para <v | eq | 1.45.11 |
Related
github
github
Cross-site Scripting in com.erudika:para-core
2022-05-19 00:00:30
prion
prion
Cross site scripting
2022-05-18 15:15:00
nvd
nvd
CVE-2022-1782
2022-05-18 15:15:08
huntr
huntr
Html Injection lead to cross site scripting
2022-05-14 12:55:25
veracode
veracode
Cross-site Scripting (XSS)
2022-05-20 03:46:24
osv
osv
Cross-site Scripting in com.erudika:para-core
2022-05-19 00:00:30
CVE-2022-1782
2022-05-18 15:15:08
cvelist
cvelist
CVE-2022-1782 Cross-site Scripting (XSS) - Generic in erudika/para
2022-05-18 09:00:14
cve
cve
CVE-2022-1782
2022-05-18 15:15:08