3 matches found
CVE-2022-4730
Graphite-Web contains multiple cross-site scripting vulnerabilities in components including the Absolute Time Range Handler. CVE-2022-4730 (along with CVE-2022-4728 and CVE-2022-4729) affect graphite-web and could be exploited remotely. Debian reports these issues and provides a security update: ...
CVE-2022-4728
Summary of concrete details (CVE-2022-4728): The vulnerability affects Graphite-Web, specifically in the Cookie Handler component, enabling cross-site scripting via crafted inputs. It is triggered remotely and has public exploit information in the referenced sources. Affected/distributed advisori...
CVE-2022-4729
Graphite-Web (Graphite-Web) is affected by CVE-2022-4729. The vulnerability involves cross-site scripting in the Template Name Handler, allowing remote exploitation. Debian and Ubuntu advisories list Graphite-Web as vulnerable and note XSS across multiple components (Cookie Handler, Template Name...