CVE-2022-2353

Published July 9th, 2022

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user.

microweber/microweber

Drag and Drop Website Builder and CMS with E-commerce

GitHub

3.42K