An issue was discovered in Cerebrate through 1.4. XSS could occur in the bookmarks component.
References
Link | Resource |
---|---|
https://github.com/cerebrate-project/cerebrate/commit/14ec995c2bd618b181197dc6b64e63fd966b4860 | Patch Third Party Advisory |
https://github.com/cerebrate-project/cerebrate/commit/e13b4e7bc5f1a0ff59b52162cc99405e89c0544a | Patch Third Party Advisory |
https://zigrin.com/advisories/cerebrate-cross-site-scripting-xss-in-bookmarks/ | Third Party Advisory |
https://zigrin.com/cakephp-application-cybersecurity-research-be-careful-with-reflections-for-your-web-application-security/ | Exploit Third Party Advisory |
Configurations
History
21 Dec 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://zigrin.com/advisories/cerebrate-cross-site-scripting-xss-in-bookmarks/ - Third Party Advisory |
30 Oct 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Oct 2023, 21:02
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://zigrin.com/cakephp-application-cybersecurity-research-be-careful-with-reflections-for-your-web-application-security/ - Exploit, Third Party Advisory |
10 Oct 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2022-02-18 06:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-25321
Mitre link : CVE-2022-25321
CVE.ORG link : CVE-2022-25321
JSON object : View
Products Affected
cerebrate-project
- cerebrate
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')