Lucene search

K
cvelistHackeroneCVELIST:CVE-2022-22577
HistoryMay 26, 2022 - 12:00 a.m.

CVE-2022-22577

2022-05-2600:00:00
CWE-79
hackerone
www.cve.org

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.9%

An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "https://github.com/rails/rails",
    "versions": [
      {
        "version": "7.0.2.4, 6.1.5.1, 6.0.4.8, 5.2.7.1",
        "status": "affected"
      }
    ]
  }
]

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.9%