Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMendCVELIST:CVE-2022-32174
HistoryOct 06, 2022 - 12:00 a.m.

CVE-2022-32174 Gogs - XSS

2022-10-0600:00:00
CWE-79
Mend
www.cve.org
gogs
xss
vulnerability
account takeover

8.1 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.6%

JSON

In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover.

CNA Affected

[
  {
    "vendor": "gogs",
    "product": "gogs",
    "versions": [
      {
        "version": "v0.6.5",
        "status": "affected",
        "lessThan": "unspecified",
        "versionType": "custom"
      },
      {
        "version": "unspecified",
        "lessThanOrEqual": "v0.12.10",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Related

gitlab 1
veracode 1
nvd 1
osv 2
cve 1
alpinelinux 1
github 1
prion 1
ibm 1
gitlab
gitlab
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2022-10-11 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2022-10-12 08:11:11
nvd
nvd
CVE-2022-32174
2022-10-11 15:15:09
osv
osv
Gogs vulnerable to Cross-site Scripting
2022-10-11 19:00:29
CVE-2022-32174
2022-10-11 15:15:09
cve
cve
CVE-2022-32174
2022-10-11 15:15:09
alpinelinux
alpinelinux
CVE-2022-32174
2022-10-11 15:15:09
github
github
Gogs vulnerable to Cross-site Scripting
2022-10-11 19:00:29
prion
prion
Cross site scripting
2022-10-11 15:15:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Storage Defender – Data Protect
2023-09-29 16:01:25

8.1 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.6%

JSON
Related for CVELIST:CVE-2022-32174
gitlab1veracode1nvd1osv2cve1alpinelinux1github1prion1ibm1