CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2130 – Cross-site Scripting (XSS) - Reflected in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-2130
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.17. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.17 • https://github.com/microweber/microweber/commit/dbd37dda91911360db23269897c737e0abae2c24 https://huntr.dev/bounties/0142970a-5cb8-4dba-8bbc-4fa2f3bee65c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1584 – Reflected XSS in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-1584
Reflected XSS in GitHub repository microweber/microweber prior to 1.2.16. Executing JavaScript as the victim Una vulnerabilidad ded tipo XSS reflejado en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.16. Ejecución de JavaScript como víctima • https://github.com/microweber/microweber/commit/527abd148e6b7aff8df92a9f1aa951e5bebac59c https://huntr.dev/bounties/69f4ca67-d615-4f25-b2d1-19df7bf1107d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1555 – DOM XSS in microweber ver 1.2.15 in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-1555
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. inject arbitrary js code, deface website, steal cookie... Una vulnerabilidad de tipo DOM XSS en microweber versión 1.2.15 en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.16. inyectar código js arbitrario, desfigurar el sitio web, robar cookie... • https://github.com/microweber/microweber/commit/724e2d186a33c0c27273107dc4f160a09384877f https://huntr.dev/bounties/d9f9b5bd-16f3-4eaa-9e36-d4958b557687 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0895 – Static Code Injection in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0895
Static Code Injection in GitHub repository microweber/microweber prior to 1.3. Una Inyección de Código Estático en el repositorio de GitHub microweber/microweber versiones anteriores a 1.3 • https://github.com/microweber/microweber/commit/b2baab6e582b2efe63788d367a2bb61a2fa26470 https://huntr.dev/bounties/3c070828-fd00-476c-be33-9c877172363d • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0896 – Improper Neutralization of Special Elements Used in a Template Engine in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0896
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3. Una Neutralización Inapropiada de Elementos Especiales Usados en un Motor de Plantillas en el repositorio de GitHub microweber/microweber versiones anteriores a 1.3 • https://github.com/microweber/microweber/commit/e0224462b3dd6b1f7c6ec1197413afc6019bc3b5 https://huntr.dev/bounties/113056f1-7a78-4205-9f42-940ad41d8df0 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •