Lucene search

CVE-2022-4876

🗓️ 04 Jan 2023 23:20:15Reported by [email protected]Type

Vulnerability in Kaltura mwEmbed up to 2.96.rc1 allows remote attackers to initiate cross site scripting via manipulation of the argument HTTP_X_FORWARDED_HOST in includes/DefaultSettings.php. Upgrade to 2.96.rc2 to fix

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
CVE	CVE-2022-4876	4 Jan 202323:15	–	cve
OSV	CVE-2022-4876	4 Jan 202323:15	–	osv
Prion	Cross site scripting	4 Jan 202323:15	–	prion
Cvelist	CVE-2022-4876 Kaltura mwEmbed DefaultSettings.php cross site scripting	4 Jan 202322:02	–	cvelist

Nvd

Node

kaltura mwembedRange≤2.95

kaltura mwembedMatch2.96rc1

Source	Link
github	www.github.com/kaltura/mwEmbed/pull/4266
vuldb	www.vuldb.com/
github	www.github.com/kaltura/mwEmbed/releases/tag/v2.96.rc2
github	www.github.com/kaltura/mwEmbed/commit/13b8812ebc8c9fa034eed91ab35ba8423a528c0b
vuldb	www.vuldb.com/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Jan 2023 23:15Current

4.5Medium risk

Vulners AI Score4.5

CVSS24

CVSS36.1

EPSS0.00067

CWE-79