Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-38145

Published: 23/11/2022 Updated: 30/11/2022
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 0

Vulnerability Summary

Silverstripe silverstripe/framework up to and including 4.11 allows XSS (issue 1 of 3) via remote attackers adding a Javascript payload to a page's meta description and get it executed in the versioned history compare view.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

silverstripe framework

References

CWE-79https://www.silverstripe.org/download/security-releases/https://www.silverstripe.org/download/security-releases/CVE-2022-38145https://www.silverstripe.org/blog/tag/releasehttps://forum.silverstripe.org/c/releaseshttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoofCVE-2024-34928CVE-2024-5291deserializationCVE-2024-4471CVE-2024-4956CVE-2024-32002CVE-2024-5227unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook