File tree 2 files changed +63
-37
lines changed
github-reviewed/2022/02/GHSA-38m9-3vg4-rwvp
unreviewed/2022/02/GHSA-38m9-3vg4-rwvp
2 files changed +63
-37
lines changed Original file line number Diff line number Diff line change 1+ {
2+ "schema_version" : " 1.2.0"
3+ "id" : " GHSA-38m9-3vg4-rwvp"
4+ "modified" : " 2022-02-23T19:43:59Z"
5+ "published" : " 2022-02-20T00:00:32Z"
6+ "aliases" : [
7+ " CVE-2022-0678"
8+ ],
9+ "summary" : " Cross-site Scripting in microweber"
10+ "details" : " microweber prior to version 1.2.11 is vulnerable to cross-site scripting."
11+ "severity" : [
12+ {
13+ "type" : " CVSS_V3"
14+ "score" : " CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
15+ }
16+ ],
17+ "affected" : [
18+ {
19+ "package" : {
20+ "ecosystem" : " Packagist"
21+ "name" : " microweber/microweber"
22+ },
23+ "ranges" : [
24+ {
25+ "type" : " ECOSYSTEM"
26+ "events" : [
27+ {
28+ "introduced" : " 0"
29+ },
30+ {
31+ "fixed" : " 1.2.11"
32+ }
33+ ]
34+ }
35+ ]
36+ }
37+ ],
38+ "references" : [
39+ {
40+ "type" : " ADVISORY"
41+ "url" : " https://nvd.nist.gov/vuln/detail/CVE-2022-0678"
42+ },
43+ {
44+ "type" : " WEB"
45+ "url" : " https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8"
46+ },
47+ {
48+ "type" : " WEB"
49+ "url" : " https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0"
50+ },
51+ {
52+ "type" : " PACKAGE"
53+ "url" : " https://github.com/microweber/microweber"
54+ }
55+ ],
56+ "database_specific" : {
57+ "cwe_ids" : [
58+ " CWE-79"
59+ ],
60+ "severity" : " MODERATE"
61+ "github_reviewed" : true
62+ }
63+ }
Load Diff This file was deleted.
You can’t perform that action at this time.
![advisory-database[bot]](https://avatars.githubusercontent.com/in/21409?v=4&size=40){kind=avatar}
0 commit comments