CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0608 – Cross-site Scripting (XSS) - DOM in microweber/microweber
https://notcve.org/view.php?id=CVE-2023-0608
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2. • https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936 https://huntr.dev/bounties/02a86e0d-dff7-4e27-89d5-2f7dcd4b580c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4732 – Unrestricted Upload of File with Dangerous Type in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-4732
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2. Carga sin restricciones de archivos con tipo peligroso en el repositorio de GitHub microweber/microweber anterior a 1.3.2. • https://github.com/microweber/microweber/commit/0d279ac81052ce7ee97c18c811a9b8e912189da0 https://huntr.dev/bounties/d5be2e96-1f2f-4357-a385-e184cf0119aa • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-4647 – Cross-site Scripting (XSS) - Stored in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-4647
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.2. Cross-Site Scripting (XSS): almacenado en el repositorio de GitHub microweber/microweber anterior a 1.3.2. • https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936 https://huntr.dev/bounties/ccdd243d-726c-4199-b742-25c571491242 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4617 – Cross-site Scripting (XSS) - Reflected in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-4617
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2. Cross-Site Scripting (XSS) Reflejado en el repositorio de GitHub microweber/microweber anterior a 1.3.2. • https://github.com/microweber/microweber/commit/df8add930ecfa7f5b18c67c3f748c137fe890906 https://huntr.dev/bounties/1fb2ce08-7016-45fa-b402-ec08d700e4df • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3245 – Code Injection in display of tag title on saving tags in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-3245
HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input. Un ataque de inyección HTML está estrechamente relacionado con un ataque de tipo Cross-site Scripting (XSS). • https://github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfc https://huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •