Lucene search
ApacheCVELIST:CVE-2022-34870HistoryOct 25, 2022 - 12:00 a.m.
CVE-2022-34870 Apache Geode stored Cross-Site Scripting (XSS) via data injection vulnerability in Pulse web application
2022-10-2500:00:00
apache
www.cve.org
apache geode
xss
data injection
pulse web app
vulnerability
0.001 Low
EPSS
Percentile
26.6%
Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries.
CNA Affected
[
{
"vendor": "Apache Software Foundation",
"product": "Apache Geode",
"versions": [
{
"version": "Apache Geode",
"status": "affected",
"lessThanOrEqual": "1.15.0",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2022-34870
2022-10-25 17:15:53
Apache Geode vulnerable to Cross-Site Scripting
2022-10-25 19:00:27
prion
prion
Cross site scripting
2022-10-25 17:15:00
veracode
veracode
Cross-Site Scripting (XSS)
2022-10-26 05:04:04
github
github
Apache Geode vulnerable to Cross-Site Scripting
2022-10-25 19:00:27
nvd
nvd
CVE-2022-34870
2022-10-25 17:15:53
cve
cve
CVE-2022-34870
2022-10-25 17:15:53