In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS.
References
Link | Resource |
---|---|
https://github.com/internetarchive/infogami/pull/195/commits/ccc2141c5fb093870c9e2742c01336ecca8cd12e | Patch Third Party Advisory |
https://www.mend.io/vulnerability-database/CVE-2022-32159 | Third Party Advisory |
Configurations
History
07 Nov 2023, 03:47
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : unknown |
28 Jun 2022, 21:39
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 5.4 |
CPE | cpe:2.3:a:infogami:infogami:ol_201908:*:*:*:*:*:*:* | |
First Time |
Infogami
Infogami infogami |
|
References | (MISC) https://www.mend.io/vulnerability-database/CVE-2022-32159 - Third Party Advisory | |
References | (CONFIRM) https://github.com/internetarchive/infogami/pull/195/commits/ccc2141c5fb093870c9e2742c01336ecca8cd12e - Patch, Third Party Advisory |
23 Jun 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
Summary | In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS. |
22 Jun 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-22 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-32159
Mitre link : CVE-2022-32159
CVE.ORG link : CVE-2022-32159
JSON object : View
Products Affected
infogami
- infogami
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')