2 matches found
CVE-2022-23045
PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent JavaScript code inside the "Site title" parameter while updating the site settings. The "Site title" setting is injected in several locations which triggers the XSS...
CVE-2022-23045
PhpIPAM is affected by CVE-2022-23045 in v1.4.4. An authenticated admin can inject persistent JavaScript via the Site title when updating site settings, leading to a cross-site scripting (XSS) vulnerability that can affect multiple injection points and trigger client-side code execution. The vuln...