CVE-2022-4820: FlatPress Admin Area admin.entry.list.php cross site scripting
First published: Wed Dec 28 2022(Updated: )
A vulnerability classified as problematic has been found in FlatPress. This affects an unknown part of the file admin/panels/entry/admin.entry.list.php of the component Admin Area. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 229752b51025e678370298284d42f8ebb231f67f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216999.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| openMairie Openpresse |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-4820?
CVE-2022-4820 is classified as a problematic vulnerability.
What type of vulnerability is CVE-2022-4820?
CVE-2022-4820 is a cross-site scripting (XSS) vulnerability.
What component is affected by CVE-2022-4820?
CVE-2022-4820 affects the Admin Area of FlatPress, specifically the file admin/panels/entry/admin.entry.list.php.
How can CVE-2022-4820 be exploited?
CVE-2022-4820 can be exploited remotely through manipulation of the affected component.
How do I fix CVE-2022-4820?
To fix CVE-2022-4820, you should update to the latest version of FlatPress that addresses this vulnerability.
- agent/references
- agent/type
- agent/remedy
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/flatpress
- canonical/openmairie openpresse