Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-2514

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the paramete...

8CVSS6.8AI score0.00698EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/05 9:18 p.m.6 views

CVE-2022-2514

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...

8CVSS5.8AI score0.00698EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/07/25 2:15 p.m.20 views

CVE-2022-2514

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...

8CVSS6.8AI score0.00698EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2022/07/25 2:15 p.m.14 views

CVE-2022-2514

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...

8CVSS6.8AI score0.00698EPSS
Exploits1References3
CVE
CVE
added 2022/07/25 1:42 p.m.78 views

CVE-2022-2514

CVE-2022-2514 affects Fava (beancount) prior to v1.22, with a reflected XSS due to failure to escape error messages that echoed the time and filter parameters. This is a cross-site scripting vulnerability in the beancount/fava stack that can expose user data via crafted input. A GitHub commit ca9...

8CVSS6.2AI score0.00698EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/07/25 1:42 p.m.16 views

CVE-2022-2514 Cross-site Scripting (XSS) - Reflected in beancount/fava

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...

8CVSS6.1AI score0.00698EPSS
Exploits1References2
Rows per page
Query Builder