First published: Fri Jan 20 2023(Updated: )
EyouCMS <= 1.6.0 was discovered a reflected-XSS in the FileManager component in GET parameter "filename" when editing any file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Eyoucms Eyoucms | <=1.6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-45542 is a vulnerability discovered in EyouCMS <= 1.6.0 that allows for reflected cross-site scripting (XSS) attacks.
CVE-2022-45542 affects EyouCMS version 1.6.0 and earlier versions, allowing for reflected-XSS attacks in the FileManager component via the 'filename' GET parameter when editing any file.
CVE-2022-45542 has a severity rating of medium with a score of 5.4.
To fix CVE-2022-45542, you should update your EyouCMS installation to a version higher than 1.6.0, as the vulnerability has been patched.
You can find more information about CVE-2022-45542 in the following reference: [GitHub issue #33](https://github.com/weng-xianhu/eyoucms/issues/33).