CVE-2022-26332

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-26332

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-26332.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-26332

Aliases

GHSA-vpmw-77vm-4mjg

Published

2022-03-01T01:15:08.047Z

Modified

2026-03-14T08:43:12.674850Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field.

References

Affected packages

Git / github.com/andreapollastri/cipi

Affected ranges

Type

GIT

Repo

https://github.com/andreapollastri/cipi

Events

Introduced

Last affected

63745b74ffe51d349e67d43aabcd582ac2ff39d3

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.15"
        }
    ]
}

Affected versions

0.*

0.1

1.*

1.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.1

1.1.1

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.8

1.1.9

1.2

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3.0

1.3.1

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4.0

1.4.1

1.4.2

2.*

2.0.0beta

2.0.1beta

2.0.2beta

2.0.3beta

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.1

2.1.1

2.1.2

2.1.3

2.1.4

2.1.5

2.1.6

2.1.7

2.1.8

2.1.9

2.2

2.2.1

2.2.2

2.2.3

2.2.4

2.2.5

2.2.6

2.2.7

2.2.8

2.2.9

2.3.0

2.3.1

2.3.2

2.3.3

2.4.0

2.4.1

2.4.2

2.4.3

2.4.4

2.4.5

2.4.6

2.4.7

2.4.8

2.4.9

3.*

3.0

3.0.1

3.0.10

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.0.7

3.0.8

3.0.9

3.1.0

3.1.1

3.1.10

3.1.11

3.1.12

3.1.13

3.1.14

3.1.15

3.1.2

3.1.3

3.1.4

3.1.5

3.1.6

3.1.7

3.1.8

3.1.9

Other

3beta

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-26332.json"