Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1jZmNnLTJxZ3ItdjI0M84AAtly

Moderate EPSS: 0.00472% (0.63681 Percentile) EPSS:
Permalink JSON

Microweber before 1.2.21 vulnerable to reflected XSS

Affected Packages Affected Versions Fixed Versions
packagist:microweber/microweber < 1.2.21 1.2.21
1 Dependent packages
5 Dependent repositories
13,389 Downloads total

Affected Version Ranges

All affected versions

0.9.346, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8, 1.2.9, 1.2.10, 1.2.11, 1.2.12, 1.2.13, 1.2.14, 1.2.15, 1.2.16, 1.2.17, 1.2.18, 1.2.19, 1.2.20

All unaffected versions

1.2.21, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.0.18, 2.0.19

Microweber prior to 1.2.21 is vulnerable to reflected cross-site scripting (XSS).

References:

Identifiers

GHSA-cfcg-2qgr-v243

CVE-2022-2470

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00472

EPSS Percentile: 0.63681

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/microweber/microweber

Date and time

Published

about 3 years ago

Updated

over 2 years ago

API

JSON