CVE-2022-1571

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-1571
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-1571.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-1571
Aliases
Published
2022-05-04T11:15:08Z
Modified
2025-01-15T02:13:01.679182Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Cross-site scripting - Reflected in Create Subaccount in GitHub repository neorazorx/facturascripts prior to 2022.07. This vulnerability can be arbitrarily executed javascript code to steal user'cookie, perform HTTP request, get content of same origin page, etc ...

References

Affected packages

Git / github.com/neorazorx/facturascripts

Affected ranges

Type
GIT
Repo
https://github.com/neorazorx/facturascripts
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

2018.*

2018.03
2018.04
2018.05
2018.11

v2018.*

v2018.12
v2018.13
v2018.14
v2018.15
v2018.16

v2020.*

v2020.01
v2020.2
v2020.3
v2020.4
v2020.51
v2020.61
v2020.71
v2020.80

Other

v2021

v2021.*

v2021.1
v2021.2
v2021.4
v2021.51
v2021.71
v2021.81

v2022.*

v2022.06