3 matches found
CVE-2022-46769
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in the site group feature. Upgrade to Apache Sling...
CVE-2022-46769
CVE-2022-46769 describes an improper neutralization of input during web page generation (CWE-79) leading to a reflected Cross-site Scripting (XSS) vulnerability in Sling App CMS version 1.1.2 and earlier. The issue permits an authenticated remote attacker to perform a reflected XSS attack via the...
CVE-2022-46769 Apache Sling App CMS: XSS in CMS Site Group Detail
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting XSS attack in the site group feature. Upgrade to Apache Sling...