First published: Tue Jul 19 2022(Updated: )
Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the body function at /web/api/v1/upload/UploadHandler.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Vestacp Vesta Control Panel | =1.0.0-5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2022-36305.
The severity level of CVE-2022-36305 is medium.
CVE-2022-36305 affects Vesta Control Panel version 1.0.0-5.
The CWE ID for this vulnerability is CWE-79.
To fix CVE-2022-36305, you should update Vesta Control Panel to a version that has the patch for this vulnerability.