CVE-2022-41435
on github
Published
Severity
CVSS v3:
5.4 MEDIUM
CVSS v2:
N/A
Description
OpenWRT LuCI version git-22.140.66206-02913be was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /system/sshkeys.js. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted public key comments.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:openwrt:luci:git-22.140.66206-02913be:*:*:*:*:*:*:* | n/a | n/a | git-22.140.66206-02913be |