Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS1wbTM3LTVqNW0tNmN2d84AAs6P

Cross-site Scripting in NukeViet CMS

There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet CMS before 4.5.02.

Permalink: https://github.com/advisories/GHSA-pm37-5j5m-6cvw
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1wbTM3LTVqNW0tNmN2d84AAs6P
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 2 years ago
Updated: almost 2 years ago

CVSS Score: 5.4
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Identifiers: GHSA-pm37-5j5m-6cvw, CVE-2022-30874
References:

• https://nvd.nist.gov/vuln/detail/CVE-2022-30874
• https://github.com/nukeviet/nukeviet/commit/1f328bb8cd256f88bd45fc3ec5a50ae951da2501
• https://nukeviet.vn/vi/news/Tin-tuc/thong-bao-phat-hanh-nukeviet-4-5-02-708.html
• https://github.com/nukeviet/nukeviet
• https://github.com/advisories/GHSA-pm37-5j5m-6cvw

Repository: https://github.com/nukeviet/nukeviet
Blast Radius: 1.0

Affected Packages