2 matches found
CVE-2022-0678 Cross-site Scripting (XSS) - Reflected in microweber/microweber
Cross-site Scripting XSS - Reflected in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0678
CVE-2022-0678 affects Microweber/Microweber prior to version 1.2.11, with a reflected XSS via the logout flow where the redirectUrl parameter can be manipulated to inject scripts. The Nuclei template confirms the vulnerability as a Cross-Site Scripting issue in microweber/microweber before 1.2.11...