4 matches found
com.erudika:para-cache-hazelcast (>=1.26.0 <=1.39.0), com.erudika:para-client (>=1.13 <=1.45.10) +9 more potentially affected by CVE-2022-1782 via com.erudika:para-core (>=1.13 <=1.45.10)
com.erudika:para-core MAVEN version =1.13, =1.26.0, =1.13, =1.20.0, =1.18.0, =1.28.1, =1.30.0, =1.25.0, =1.29.0, =1.28.0, =1.13, =1.24.4, =1.45.10 Source cves: CVE-2022-1782 Source advisory: OSV:GHSA-PHVW-R25P-8XV7...
CVE-2022-1782
creationtimestamp| type| source
---|---|---
2022-05-18 18:28:46+00:00| seen| https://t.me/cibsecurity/42919...
CVE-2022-1782 Cross-site Scripting (XSS) - Generic in erudika/para
Cross-site Scripting (XSS) - Generic in GitHub repository erudika/para prior to v1.45.11...
CVE-2022-1782
CVE-2022-1782 affects the GitHub repo erudika/para, with a Cross-site Scripting (XSS) vulnerability in versions prior to v1.45.11. The root cause is described as a data handling flaw in the code path (Utils.java) that fails to filter/escape user input, enabling an attacker to inject JavaScript. I...