Количество 2
Количество 2
CVE-2022-4638
A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 5da36305ca7ed433782be8901c47387406fcda12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216496.
GHSA-5pqf-rvm7-3wgw
collective.contact.widget is vulnerable to cross-site scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-4638 A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 5da36305ca7ed433782be8901c47387406fcda12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216496. | CVSS3: 3.5 | 0% Низкий | около 3 лет назад |
| GHSA-5pqf-rvm7-3wgw collective.contact.widget is vulnerable to cross-site scripting | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу