CVE-2022-36305: XSS
First published: Tue Jul 19 2022(Updated: )
Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the body function at /web/api/v1/upload/UploadHandler.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vestacp Vesta Control Panel | =1.0.0-5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-36305.
What is the severity level of CVE-2022-36305?
The severity level of CVE-2022-36305 is medium.
How does CVE-2022-36305 affect Vesta Control Panel?
CVE-2022-36305 affects Vesta Control Panel version 1.0.0-5.
What is the CWE ID for this vulnerability?
The CWE ID for this vulnerability is CWE-79.
How can I fix CVE-2022-36305 in Vesta Control Panel?
To fix CVE-2022-36305, you should update Vesta Control Panel to a version that has the patch for this vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/tags
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/vestacp
- canonical/vestacp vesta control panel
- version/vestacp vesta control panel/1.0.0-5