Lucene search
+L

4 matches found

cve
cve
added 2022/01/24 7:55 p.m.97 views

CVE-2022-21715

CodeIgniter4 4.x contains an XSS vulnerability in API\ResponseTrait present before 4.1.8. The issue allows cross-site scripting if a victim uses API\ResponseTrait; a patch is available in 4.1.8. Mitigations/workarounds in the sources include upgrading to 4.1.8 or later, not using API\ResponseTrai...

6.1CVSS5.7AI score0.01002EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2022/01/24 7:55 p.m.6 views

CVE-2022-21715 Cross-site Scripting Vulnerability in CodeIgniter4

CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting XSS vulnerability was found in API\ResponseTrait in Codeigniter4 prior to version 4.1.8. Attackers can do XSS attacks if a potential victim is using API\ResponseTrait. Version 4.1.8 contains a...

5.4CVSS6AI score0.01002EPSS
Exploits0References3
osv
osv
added 2022/01/24 7:55 p.m.43 views

CVE-2022-21715 Cross-site Scripting Vulnerability in CodeIgniter4

CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting XSS vulnerability was found in API\ResponseTrait in Codeigniter4 prior to version 4.1.8. Attackers can do XSS attacks if a potential victim is using API\ResponseTrait. Version 4.1.8 contains a...

5.4CVSS5.6AI score0.01002EPSS
Exploits0References5
friendsofphp
friendsofphp
added 2022/01/24 5:41 p.m.37 views

CVE-2022-21715: XSS Vulnerability in API\ResponseTrait in CodeIgniter4

Impact Cross-Site Scripting XSS vulnerability was found in API\ResponseTrait in Codeigniter4. Attackers can do XSS attacks if you are using API\ResponseTrait. Patches Upgrade to v4.1.8 or later. Workarounds Do one of the following: 1. Do not use API\ResponseTrait nor ResourceController 2. Disable...

6.1CVSS5.5AI score0.01002EPSS
Exploits0Affected Software1
Rows per page
Query Builder