What is the severity of CVE-2022-4730?

CVE-2022-4730 is classified as problematic due to its potential for cross site scripting attacks.

How do I fix CVE-2022-4730?

To fix CVE-2022-4730, upgrade to one of the patched versions of Graphite Web: 1.0.2+, 1.1.4-5ubuntu0.1, 1.1.8-1ubuntu0.22.04.1, 0.9.12+, or 0.9.15+ depending on your distribution.

Which versions of Graphite Web are affected by CVE-2022-4730?

CVE-2022-4730 affects versions below 1.0.2+, 1.1.4-5ubuntu0.1 for focal, 1.1.8-1ubuntu0.22.04.1 for jammy, and corresponding versions for other distributions.

Can CVE-2022-4730 be exploited remotely?

Yes, CVE-2022-4730 can be exploited remotely by manipulating the Absolute Time Range Handler.

What component of Graphite Web is vulnerable in CVE-2022-4730?

The vulnerability in CVE-2022-4730 is found in the Absolute Time Range Handler component.

Vulnerability/
CVE-2022-4730

medium

5.4

CWE

79 707 74

24/12/2022

21/11/2024

CVE-2022-4730: Graphite Web Absolute Time Range cross site scripting

First published: Sat Dec 24 2022(Updated: )

A vulnerability was found in Graphite Web. It has been classified as problematic. Affected is an unknown function of the component Absolute Time Range Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216744.

Credit: cna@vuldb.com cna@vuldb.com cna@vuldb.com

Affected Software	Affected Version	How to fix
ubuntu/graphite-web	<1.0.2+	1.0.2+
ubuntu/graphite-web	<1.1.4-5ubuntu0.1	1.1.4-5ubuntu0.1
ubuntu/graphite-web	<1.1.8-1ubuntu0.22.04.1	1.1.8-1ubuntu0.22.04.1
ubuntu/graphite-web	<0.9.12+	0.9.12+
ubuntu/graphite-web	<0.9.15+	0.9.15+
debian/graphite-web	<=1.1.4-3+deb10u1	1.1.4-3+deb10u2 1.1.8-2 1.1.10-1
Graphite

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

USN-6243-1

Frequently Asked Questions

What is the severity of CVE-2022-4730?
CVE-2022-4730 is classified as problematic due to its potential for cross site scripting attacks.
How do I fix CVE-2022-4730?
To fix CVE-2022-4730, upgrade to one of the patched versions of Graphite Web: 1.0.2+, 1.1.4-5ubuntu0.1, 1.1.8-1ubuntu0.22.04.1, 0.9.12+, or 0.9.15+ depending on your distribution.
Which versions of Graphite Web are affected by CVE-2022-4730?
CVE-2022-4730 affects versions below 1.0.2+, 1.1.4-5ubuntu0.1 for focal, 1.1.8-1ubuntu0.22.04.1 for jammy, and corresponding versions for other distributions.
Can CVE-2022-4730 be exploited remotely?
Yes, CVE-2022-4730 can be exploited remotely by manipulating the Absolute Time Range Handler.
What component of Graphite Web is vulnerable in CVE-2022-4730?
The vulnerability in CVE-2022-4730 is found in the Absolute Time Range Handler component.

collector/usn-cve
collector/launchpad-cve
collector/security-tracker-debian
agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/weakness
agent/title
agent/remedy
agent/severity
agent/description
agent/first-publish-date
agent/last-modified-date
agent/author
agent/softwarecombine
agent/event
agent/trending
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-cve
package-manager/ubuntu
package-manager/debian
vendor/graphite project
canonical/graphite

Frequently Asked Questions

What is the severity of CVE-2022-4730?
CVE-2022-4730 is classified as problematic due to its potential for cross site scripting attacks.
How do I fix CVE-2022-4730?
To fix CVE-2022-4730, upgrade to one of the patched versions of Graphite Web: 1.0.2+, 1.1.4-5ubuntu0.1, 1.1.8-1ubuntu0.22.04.1, 0.9.12+, or 0.9.15+ depending on your distribution.
Which versions of Graphite Web are affected by CVE-2022-4730?
CVE-2022-4730 affects versions below 1.0.2+, 1.1.4-5ubuntu0.1 for focal, 1.1.8-1ubuntu0.22.04.1 for jammy, and corresponding versions for other distributions.
Can CVE-2022-4730 be exploited remotely?
Yes, CVE-2022-4730 can be exploited remotely by manipulating the Absolute Time Range Handler.
What component of Graphite Web is vulnerable in CVE-2022-4730?
The vulnerability in CVE-2022-4730 is found in the Absolute Time Range Handler component.

CVE-2022-4730: Graphite Web Absolute Time Range cross site scripting

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2022-4730?

How do I fix CVE-2022-4730?

Which versions of Graphite Web are affected by CVE-2022-4730?

Can CVE-2022-4730 be exploited remotely?

What component of Graphite Web is vulnerable in CVE-2022-4730?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2022-4730?

How do I fix CVE-2022-4730?

Which versions of Graphite Web are affected by CVE-2022-4730?

Can CVE-2022-4730 be exploited remotely?

What component of Graphite Web is vulnerable in CVE-2022-4730?