Lucene search
China National Vulnerability DatabaseCNVD-2022-58957HistoryJun 21, 2022 - 12:00 a.m.
InvenTree Cross-Site Scripting Vulnerability
2022-06-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
inventree
open source
inventory management
version prior to 0.7.2
cross-site scripting
vulnerability
filtering
escaping
parameter data
javascript code
client side
cnvd
EPSS
0.001
Percentile
21.4%
InvenTree is InvenTree open source an open source inventory management system . A cross-site scripting vulnerability exists in InvenTree versions prior to 0.7.2, which stems from the application’s lack of filtering and escaping for parameter data. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
Related
osv
osv
CVE-2022-2113
2022-06-17 13:15:13
huntr
huntr
Stored XSS in Part Description
2022-06-11 08:44:40
nvd
nvd
CVE-2022-2113
2022-06-17 13:15:13
cvelist
cvelist
CVE-2022-2113 Cross-site Scripting (XSS) - Stored in inventree/inventree
2022-06-17 10:20:10
prion
prion
Cross site scripting
2022-06-17 13:15:00
cve
cve
CVE-2022-2113
2022-06-17 13:15:13
fedora
fedora
[SECURITY] Fedora 36 Update: microcode_ctl-2.1-51.fc36
2022-05-12 01:13:57
[SECURITY] Fedora 35 Update: microcode_ctl-2.1-47.3.fc35
2022-05-12 01:20:54
[SECURITY] Fedora 34 Update: microcode_ctl-2.1-46.3.fc34
2022-05-19 01:01:19