CVE-2022-3245

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-3245

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3245.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-3245

Aliases

GHSA-gm8c-w9cm-c445

Published

2022-09-20T14:15:09Z

Modified

2024-05-14T12:01:46.175654Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input.

References

Affected packages

Git / github.com/microweber/microweber

Affected ranges

Type: GIT
Repo: https://github.com/microweber/microweber
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

f20abf30a1d9c1426c5fb757ac63998dc5b92bfc

Affected versions

1.*

1.0.3

1.0.5-fix1

1.0.6

1.0.7

1.0.7-fix1

1.1

1.2.9

v1.*

v1.2.10

v1.2.11

v1.2.12

v1.2.13

v1.2.14

v1.2.15

v1.2.16

v1.2.17

v1.2.18

v1.2.19

v1.2.20

v1.2.21

v1.2.3

v1.2.4

v1.2.5

v1.2.6

v1.2.7

v1.2.8

v1.2.9

v1.3.0

v1.3.1