Lucene search
Veracode Vulnerability DatabaseVERACODE:34607HistoryMar 11, 2022 - 7:21 a.m.
Cross-site Scripting (XSS)
2022-03-1107:21:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
0.001 Low
EPSS
Percentile
21.6%
microweber/microweber, is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of input sanitization in the file upload in the Files.php file allowing an attacker to bypass the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microweber/microweber | le | v1.2.11 | |
| microweber/microweber | le | v1.2.11 |
Related
huntr
huntr
Unrestricted file upload leads to stored XSS
2022-03-09 14:43:02
cve
cve
CVE-2022-0906
2022-03-10 15:15:10
osv
osv
Unrestricted file upload leads to stored cross-site scripting in Microweber
2022-03-11 00:02:36
CVE-2022-0906
2022-03-10 15:15:10
cnvd
cnvd
Microweber Cross-Site Scripting Vulnerability (CNVD-2022-18522)
2022-03-11 00:00:00
nvd
nvd
CVE-2022-0906
2022-03-10 15:15:10
github
github
Unrestricted file upload leads to stored cross-site scripting in Microweber
2022-03-11 00:02:36
prion
prion
Unrestricted file upload
2022-03-10 15:15:00
cvelist
cvelist