CVE-2022-34870
published 2022-10-25CVE-2022-34870: Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries.
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | geode | <= 1.15.0 | — |
| apache_software_foundation | apache_geode | Apache Geode – 1.15.0 | — |