CVE-2022-4822
MEDIUM WAF: High
CVSS 6.1
Published: 2022-12-28
CWE-79
A vulnerability, which was classified as problematic, has been found in FlatPress. This issue affects some unknown processing of the file setup/lib/main.lib.php of the component Setup. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 5f23b4c2eac294cc0ba5e541f83a6f8a26f9fed1. It is recommended to apply a patch to fix this issue. The identifier VDB-217001 was assigned to this vulnerability.
WAF Coverage Analysis
Cross-Site Scripting (XSS)
High WAF Coverage
OWASP: A03:2021 Injection
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| flatpress | flatpress | - |
References
- github.com (Patch, Third Party Advisory)
- github.com (Issue Tracking, Patch, Third Party Advisory)
- vuldb.com (Third Party Advisory)
- vuldb.com (Third Party Advisory)