Lucene search
PRIOn knowledge basePRION:CVE-2022-43670HistoryNov 02, 2022 - 1:15 p.m.
Cross site scripting
2022-11-0213:15:00
PRIOn knowledge base
www.prio-n.com
5
input neutralization
web page generation
cross-site scripting
sling app cms
reflected xss
taxonomy management
0.001 Low
EPSS
Percentile
30.3%
An improper neutralization of input during web page generation (‘Cross-site Scripting’) [CWE-79] vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the taxonomy management feature.
Related
osv
osv
Apache Sling App CMS vulnerable to Cross-site Scripting
2022-11-02 19:00:31
CVE-2022-43670
2022-11-02 13:15:19
veracode
veracode
Cross-Site Scripting (XSS)
2022-11-03 05:39:23
cve
cve
CVE-2022-43670
2022-11-02 13:15:19
nvd
nvd
CVE-2022-43670
2022-11-02 13:15:19
github
github
Apache Sling App CMS vulnerable to Cross-site Scripting
2022-11-02 19:00:31
cvelist
cvelist
CVE-2022-43670 XSS in Sling CMS Reference App Taxonomy Path
2022-11-02 00:00:00