CVE-2022-1555: DOM XSS in microweber ver 1.2.15 in microweber/microweber
First published: Wed May 04 2022(Updated: )
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. inject arbitrary js code, deface website, steal cookie...
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microweber Microweber | <1.2.16 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-1555?
The severity of CVE-2022-1555 is high with a CVSS score of 6.1.
How does CVE-2022-1555 impact microweber ver 1.2.15?
CVE-2022-1555 allows an attacker to inject arbitrary JavaScript code, deface websites, and steal cookies in microweber ver 1.2.15.
How can I fix CVE-2022-1555?
To fix CVE-2022-1555, it is recommended to update microweber to version 1.2.16 or later.
Where can I find more information about CVE-2022-1555?
You can find more information about CVE-2022-1555 in the GitHub commit and the huntr.dev bounty page.
What is the CVE ID of the vulnerability in microweber ver 1.2.15?
The CVE ID of this vulnerability in microweber ver 1.2.15 is CVE-2022-1555.
- collector/nvd-index
- agent/references
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/title
- agent/tags
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- vendor/microweber
- canonical/microweber microweber