GHSA-2mh7-qxcw-q39g

Source

https://github.com/advisories/GHSA-2mh7-qxcw-q39g

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-2mh7-qxcw-q39g/GHSA-2mh7-qxcw-q39g.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-2mh7-qxcw-q39g

Aliases

CVE-2022-3072

Published

2022-09-02T00:01:09Z

Modified

2023-11-08T04:09:19.846661Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

francoisjacquet/rosariosis vulnerable to Cross-Site Scripting (XSS)

Details

Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3.

Database specific

{
    "nvd_published_at": "2022-09-01T08:15:00Z",
    "github_reviewed_at": "2022-09-16T18:41:43Z",
    "severity": "MODERATE",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-79"
    ]
}

References

Affected packages

Packagist / francoisjacquet/rosariosis

Package

Name: francoisjacquet/rosariosis
Purl: pkg:composer/francoisjacquet/rosariosis

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.9.3

Affected versions

v5.*

v5.0-beta3

v5.0-beta4

v5.0

v5.0.1

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.1-beta

v5.1

v5.1.1

v5.2-beta

v5.2

v5.3-beta

v5.3

v5.3.1

v5.3.2

v5.3.3

v5.3.4

v5.4-beta

v5.4

v5.4.1

v5.4.2

v5.4.3

v5.4.4

v5.4.5

v5.4.6

v5.4.7

v5.5-beta

v5.5-beta2

v5.5-beta3

v5.5

v5.5.1

v5.5.2

v5.5.3

v5.5.4

v5.6-beta

v5.6

v5.6.1

v5.6.2

v5.6.3

v5.6.4

v5.6.5

v5.7

v5.7.1

v5.7.2

v5.7.3

v5.7.4

v5.7.5

v5.7.6

v5.7.7

v5.8-beta

v5.8-beta2

v5.8-beta3

v5.8-beta4

v5.8-beta5

v5.8

v5.8.1

v5.9-beta2

v5.9-beta3

v5.9

v5.9.1

v5.9.2

v5.9.3

v5.9.4

v5.9.5

v5.9.6

v6.*

v6.0-beta

v6.0

v6.1

v6.2

v6.2.1

v6.2.2

v6.2.3

v6.3

v6.4

v6.4.1

v6.4.2

v6.5

v6.5.1

v6.5.2

v6.6

v6.6.1

v6.7

v6.7.1

v6.7.2

v6.8-beta

v6.8

v6.8.1

v6.9-beta

v6.9

v6.9.1

v6.9.2

v6.9.3

v6.9.4

v7.*

v7.0-beta

v7.0

v7.0.1

v7.0.2

v7.0.3

v7.0.4

v7.1

v7.1.1

v7.1.2

v7.1.3

v7.1.4

v7.2

v7.2.1

v7.2.2

v7.2.3

v7.2.4

v7.3

v7.3.1

v7.4

v7.5

v7.6

v7.6.1

v7.7

v7.8

v7.8.1

v7.8.2

v7.8.3

v7.8.4

v7.9

v7.9.1

v7.9.2

v7.9.3

v8.*

v8.0

v8.0.1

v8.0.2

v8.0.3

v8.0.4

v8.1

v8.1.1

v8.2

v8.2.1

v8.3

v8.3.1

v8.4

v8.5

v8.5.1

v8.5.2

v8.6

v8.6.1

v8.7

v8.8

v8.9

v8.9.1

v8.9.2