OSV:CVE-2022-21715 (type: osv, reporter: Google)
Jan 24, 2022 - 8:15 p.m.

CVE-2022-21715

2022-01-24 20:15:08
Google
osv.dev

EPSS: 0.001 (Low), percentile 35.4%

CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting (XSS) vulnerability was found in API\ResponseTrait in CodeIgniter4 prior to version 4.1.8. Attackers can carry out XSS attacks if a potential victim is using API\ResponseTrait. Version 4.1.8 contains a patch for this vulnerability. There are two potential workarounds available. Users may avoid using API\ResponseTrait or ResourceController. Users may also disable Auto Route and use defined routes only.
