Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:12 a.m.11 views

CVE-2022-1439

Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction...

6.3CVSS5.9AI score0.0327EPSS
Exploits1References1
Huntr
Huntr
added 2022/04/28 8:2 p.m.41 views

Reflected XSS

Description Bypass XSS filter on /module/ Proof of Concept https://demo.microweber.org/demo/module/?module=admin%2Fmodules%2Fmanage&id=x"draggable="true"ondragexit=alert1&class=x&fromurl=x Drag something around to trigger the XSS. Might only work in FireFox. How to fix This is still CVE-2022-1439...

4.3CVSS0.1AI score0.0327EPSS
Exploits2
Circl
Circl
added 2022/04/22 8:28 p.m.214 views

CVE-2022-1439

creationtimestamp| type| source ---|---|--- 2022-04-22 20:28:04+00:00| seen| https://t.me/cibsecurity/41333 2024-11-24 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-24 2025-02-05 00:00:00+00:00| exploited| The Shadowserver...

6.3CVSS6.5AI score0.0327EPSS
In wildExploits1References3
Cvelist
Cvelist
added 2022/04/22 4:30 p.m.35 views

CVE-2022-1439 Reflected XSS on demo.microweber.org/demo/module/ in microweber/microweber

Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction...

6.3CVSS6.2AI score0.0327EPSS
Exploits1References2
CVE
CVE
added 2022/04/22 4:30 p.m.93 views

CVE-2022-1439

CVE-2022-1439 is a documented reflected cross-site scripting vulnerability affecting Microweber prior to version 1.2.15, where an attacker could execute arbitrary JavaScript in the context of the victim’s browser on the vulnerable page (demo.microweber.org/demo/module/). Multiple connected source...

6.3CVSS5.9AI score0.0327EPSS
In wildExploits1References2Affected Software1
OSV
OSV
added 2022/04/22 4:30 p.m.22 views

CVE-2022-1439 Reflected XSS on demo.microweber.org/demo/module/ in microweber/microweber

Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction...

6.3CVSS6.2AI score0.0327EPSS
Exploits1References4
Rows per page
Query Builder