Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-4728

Опубликовано: 27 дек. 2022
Источник: debian
EPSS Низкий

Описание

A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. VDB-216742 is the identifier assigned to this vulnerability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
graphite-webfixed1.1.8-1.1package

Примечания

  • https://github.com/graphite-project/graphite-web/commit/2f178f490e10efc03cd1d27c72f64ecab224eb23

  • https://github.com/graphite-project/graphite-web/issues/2744

  • https://github.com/graphite-project/graphite-web/pull/2785

EPSS

Процентиль: 63%
0.00445
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-4728

CVSS3: 3.5
ubuntu
около 3 лет назад

A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. VDB-216742 is the identifier assigned to this vulnerability.

redhat логотип

CVE-2022-4728

CVSS3: 5.4
redhat
около 3 лет назад

A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. VDB-216742 is the identifier assigned to this vulnerability.

nvd логотип

CVE-2022-4728

CVSS3: 3.5
nvd
около 3 лет назад

A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. VDB-216742 is the identifier assigned to this vulnerability.

github логотип

GHSA-3c5x-4hvx-qrrr

CVSS3: 5.4
github
около 3 лет назад

Graphite Web Cross-site Scripting vulnerability

EPSS

Процентиль: 63%
0.00445
Низкий