CVE-2022-3869: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

November 5, 2022 (updated November 8, 2022)

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.

References

github.com/froxlor/froxlor/commit/3f10a4adede9df83408d60ded78b51b812a763a8
huntr.dev/bounties/7de20f21-4a9b-445d-ae2b-15ade648900b
nvd.nist.gov/vuln/detail/CVE-2022-3869

Code Behaviors & Features

Detect and mitigate CVE-2022-3869 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →