First published: Wed May 18 2022
Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0.
Credit: security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Octoprint Octoprint | <1.8.0 |
CVE-2022-1430 is a Cross-site Scripting (XSS) vulnerability in GitHub repository octoprint/octoprint prior to version 1.8.0.
CVE-2022-1430 allows an attacker to execute arbitrary scripts in a victim's browser when the victim visits a vulnerable webpage in octoprint/octoprint prior to version 1.8.0.
CVE-2022-1430 has a severity value of 7.5 (High).
To fix CVE-2022-1430, it is recommended to update octoprint/octoprint to version 1.8.0 or later.
You can find more information about CVE-2022-1430 in the GitHub commit and the Huntr bounty links: [GitHub Commit](https://github.com/octoprint/octoprint/commit/8087528e4a7ddd15c7d95ff662deb5ef7de90045), [Huntr Bounty](https://huntr.dev/bounties/0cd30d71-1e32-4a0b-b4c3-faaa1907b541).