GHSA-6346-5r4h-ff5x, CVE-2022-1555
packagist/microweber/microweber
Microweber vulnerable to cross-site scripting (XSS)
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. inject arbitrary js code, deface website, steal cookie...
All versions up to 1.2.15
Unfortunately, there is no solution available yet.
2022-05-06
source |