First published: Wed May 18 2022(Updated: )
Cross-site Scripting (XSS) - Generic in GitHub repository octoprint/octoprint prior to 1.8.0.
Credit: security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Octoprint Octoprint | <1.8.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-1432 is high, with a severity value of 6.4.
CVE-2022-1432 affects the octoprint/octoprint repository prior to version 1.8.0, allowing for Cross-site Scripting (XSS) attacks.
The CWE ID associated with CVE-2022-1432 is CWE-79.
To fix CVE-2022-1432, update the octoprint/octoprint repository to version 1.8.0 or later.
You can find more information about CVE-2022-1432 at the following references: [GitHub Commit](https://github.com/octoprint/octoprint/commit/6d259d7e6f5b0de9a1c762831537a386e53978d3) and [Huntr Bounty](https://huntr.dev/bounties/cb545c63-a3c1-4d57-8f06-e4593ab389bf).