Lucene search
GoogleOSV:GHSA-3MMH-VQ9W-4C3GHistoryDec 21, 2022 - 3:30 a.m.
Microweber vulnerable to Reflected Cross-site Scripting
2022-12-2103:30:24
Google
osv.dev
8
microweber
vulnerable
reflected cross-site scripting
patch
available
1.3.1
prior
1.4
dev
laravel-sail
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
29.1%
Microweber versions 1.3.1 and prior are vulnerable to Reflected Cross-site Scripting (XSS). A patch is available on the 1.4, dev, and laravel-sail branches.
Related
cve
cve
CVE-2022-4617
2022-12-21 01:15:11
huntr
huntr
Post parameter namespaceMD5 is vulnerable to reflected XSS
2022-11-08 17:26:08
veracode
veracode
Reflected Cross-Site Scripting (XSS)
2022-12-22 07:29:51
github
github
Microweber vulnerable to Reflected Cross-site Scripting
2022-12-21 03:30:24
osv
osv
CVE-2022-4617
2022-12-21 01:15:11
prion
prion
Cross site scripting
2022-12-21 01:15:00
nvd
nvd
CVE-2022-4617
2022-12-21 01:15:11
cvelist
cvelist
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
29.1%
Related for OSV:GHSA-3MMH-VQ9W-4C3G