Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistApacheCVELIST:CVE-2022-42466
HistoryOct 19, 2022 - 12:00 a.m.

CVE-2022-42466 XSS vulnerability, eg for String properties.

2022-10-1900:00:00
CWE-79
apache
raw.githubusercontent.com
1

0.002 Low

EPSS

Percentile

58.3%

JSON

Prior to 2.0.0-M9, it was possible for an end-user to set the value of an editable string property of a domain object to a value that would be rendered unchanged when the value was saved. In particular, the end-user could enter javascript or similar and this would be executed. As of this release, the inputted strings are properly escaped when rendered.

Related

cnvd 1
veracode 1
prion 1
github 1
cve 1
osv 2
cnvd
cnvd
Apache Isis Cross-Site Scripting Vulnerability
2022-10-21 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2022-10-20 08:36:40
prion
prion
Code injection
2022-10-19 08:15:00
github
github
Apache Isis Cross-site Scripting vulnerability
2022-10-19 12:00:18
cve
cve
CVE-2022-42466
2022-10-19 08:15:00
osv
osv
Apache Isis Cross-site Scripting vulnerability
2022-10-19 12:00:18
CVE-2022-42466
2022-10-19 08:15:11

0.002 Low

EPSS

Percentile

58.3%

JSON
Related for CVELIST:CVE-2022-42466
cnvd1veracode1prion1github1cve1osv2