Cross site scripting

2022-12-0523:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

stackstorm

web ui

vulnerability

nvd

html injection

0.001 Low

EPSS

Percentile

23.0%

JSON

Cross-site scripting (XSS) vulnerability in the Web UI of StackStorm versions prior to 3.8.0 allowed logged in users with write access to pack rules to inject arbitrary script or HTML that may be executed in Web UI for other logged in users.

CPENameOperatorVersion
stackstormlt3.8.0

CPE	Name	Operator	Version
	stackstorm	lt	3.8.0

References

stackstorm.com/2022/12/v3-8-0-released/

0.001 Low

EPSS

Percentile

23.0%

JSON

Related for PRION:CVE-2022-43706