Количество 2
Количество 2
CVE-2022-43670
An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the taxonomy management feature.
GHSA-jj93-4jr5-x45h
Apache Sling App CMS vulnerable to Cross-site Scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-43670 An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the taxonomy management feature. | CVSS3: 5.4 | 0% Низкий | больше 3 лет назад |
| GHSA-jj93-4jr5-x45h Apache Sling App CMS vulnerable to Cross-site Scripting | CVSS3: 5.4 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу