CVE-2022-45016: XSS
First published: Mon Nov 21 2022(Updated: )
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wbce CMS | <=1.5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this cross-site scripting (XSS) vulnerability?
The vulnerability ID for this cross-site scripting (XSS) vulnerability is CVE-2022-45016.
What is the severity level of CVE-2022-45016?
The severity level of CVE-2022-45016 is medium.
Which module in WBCE CMS version 1.5.4 is vulnerable to this XSS vulnerability?
The Search Settings module in WBCE CMS version 1.5.4 is vulnerable to this XSS vulnerability.
How does this XSS vulnerability in WBCE CMS version 1.5.4 affect the system?
This XSS vulnerability in WBCE CMS version 1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field.
Are there any fixes or patches available for CVE-2022-45016?
The WBCE CMS team has not released any fixes or patches for CVE-2022-45016 yet. It is recommended to follow the official channels for updates and security advisories.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/author
- agent/last-modified-date
- agent/event
- agent/source
- agent/weakness
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/softwarecombine
- vendor/wbce
- canonical/wbce cms
- version/wbce cms/1.5.4