CVE-2022-0838

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-0838

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0838.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-0838

Published

2022-03-04T08:10:11Z

Modified

2025-11-20T11:58:44.748871Z

Severity

6.6 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

Details

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10.

Database specific

{
    "cwe_ids": [
        "CWE-79"
    ]
}

References

Affected packages

Git / github.com/hestiacp/hestiacp

Affected ranges

Type: GIT
Repo: https://github.com/hestiacp/hestiacp
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1b8a2f2ae4eb15fdb592fdf72801279a2f0bc1b5

Affected versions

0.*

0.9.8-28

1.*

1.0.1

1.00.0-190618

1.2.0

1.3.0

1.3.1

1.3.2

1.4.0

1.4.1

1.4.10

1.4.11

1.4.12

1.4.13

1.4.14

1.4.15

1.4.16

1.4.17

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5.0

1.5.1

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9