A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home</title><script>alert("home")</script><title> leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting%28XSS%29.md | |
https://vuldb.com/?id.198706 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2022-04-29T13:10:12
Updated: 2022-04-29T13:10:12
Reserved: 2022-04-29T00:00:00
Link: CVE-2022-1536
JSON object: View
NVD Information
Status : Modified
Published: 2022-04-29T13:15:08.430
Modified: 2023-11-07T03:41:59.220
Link: CVE-2022-1536
JSON object: View
Redhat Information
No data.
CWE