Lucene search
Veracode Vulnerability DatabaseVERACODE:34387HistoryFeb 25, 2022 - 10:41 a.m.
Cross-site Scripting (XSS)
2022-02-2510:41:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
xss
microweber
input sanitization
media manager
javascript injection
vulnerability
EPSS
0.001
Percentile
21.4%
microweber/microweber is vulnerable to cross-site scripting. The vulnerability exists in admin page due to the lack of input sanitization in the create_media_dir function in the MediaManager.php file allowing an attacker to inject and execute malicious javascript.
Related
cnvd
cnvd
microweber cross-site scripting vulnerability (CNVD-2022-15526)
2022-03-01 00:00:00
huntr
huntr
Cross-site Scripting (XSS) - Stored
2022-02-22 17:15:59
osv
osv
Cross-site Scripting in microweber
2022-02-27 00:00:15
CVE-2022-0763
2022-02-26 10:15:08
cvelist
cvelist
CVE-2022-0763 Cross-site Scripting (XSS) - Stored in microweber/microweber
2022-02-26 10:00:10
cve
cve
CVE-2022-0763
2022-02-26 10:15:08
prion
prion
Cross site scripting
2022-02-26 10:15:00
github
github
Cross-site Scripting in microweber
2022-02-27 00:00:15
nvd
nvd
CVE-2022-0763
2022-02-26 10:15:08