CVE-2022-3123Cross-site Scripting in Dokuwiki

CWE-79Cross-site Scripting5 documents5 sources
Severity
6.1MEDIUMNVD
EPSS
0.8%
top 25.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Splitbrain DokuwikiDokuwikiFedoraproject Fedora+1 more
Timeline
PublishedSep 5
Latest updateSep 6

Description

Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages3 packages

CVEListV5splitbrain/splitbrain_dokuwikiunspecified2022-07-31a
NVDdokuwiki/dokuwiki< 2022-07-31a

Also affects: Fedora 35, 36, 37

Patches

Patch: github.comPatch: huntr.devPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-g9j7-8vx6-5gr7: Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a2022-09-06
OSV
CVE-2022-3123: Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a2022-09-05
CVEList
Cross-site Scripting (XSS) - Reflected in splitbrain/dokuwiki2022-09-05

📋Vendor Advisories

1
Debian
CVE-2022-3123: dokuwiki - Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki ...2022