CVE-2022-0379: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

January 28, 2022 (updated February 3, 2022)

Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.

References

github.com/advisories/GHSA-prff-6j8q-vrv7
github.com/microweber/microweber/commit/f017cbfbd5c4f097d2c78c5e15b6c8a9da479d7b
huntr.dev/bounties/933f94b8-c5e7-4c3a-92e0-4d1577d5fee6
nvd.nist.gov/vuln/detail/CVE-2022-0379

Detect and mitigate CVE-2022-0379 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →