CVE-2022-0929

XSS on dynamictext module in GitHub repository microweber/microweber prior to 1.2.11...

Cross-site Scripting (XSS)

microweber/microweber is vulnerable to cross-site scriptingXSS attacks. The vulnerable dynamictext module, allow attackers to inject and execute malicious javascript...

Cross-site Scripting in microweber

XSS on dynamictext module in GitHub repository microweber/microweber prior to 1.2.12...

GHSA-5FXF-X22X-5Q38 Cross-site Scripting in microweber

XSS on dynamictext module in GitHub repository microweber/microweber prior to 1.2.12...

CVE-2022-0929

XSS on dynamictext module in GitHub repository microweber/microweber prior to 1.2.11...

CVE-2022-0929

The CVE-2022-0929 issue affects microweber/microweber, specifically the dynamic_text module. Reported as a cross-site scripting (XSS) vulnerability in the dynamic_text component, with vulnerable versions noted as prior to 1.2.11 (and related advisories referencing up to 1.2.12). The root cause is...

Microweber 跨站脚本漏洞

Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A security vulnerability exists in Microweber before 1.2.11. The vulnerability stems fro...

XSS on dynamic_text module

Description There is XSS vulnerability on dynamictext module. Proof of Concept Visit - https://demo.microweber.org/demo/admin/view:modules/loadmodule:dynamictext Impact Below Post request was used to upload XSS payload POST /demo/api/savedynamictext HTTP/1.1 Host: demo.microweber.org Cookie:...