CVE-2022-0719

Description

Microweber prior to version 1.3 is vulnerable to reflected cross-site scripting.

How to fix CVE-2022-0719

To remediate CVE-2022-0719, upgrade the affected package to a fixed version below.

• Packagist/microweber/microweber—upgrade to 1.3 or later

Is CVE-2022-0719 being exploited?

Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.3

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-0719
• PATCHgithub.com/microweber/microweber
• WEBgithub.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a
• WEBhuntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312