CVE-2022-4414 — Cross-site Scripting in Framework

Severity

6.1MEDIUMNVD

EPSS

0.3%

top 44.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedDec 12

Description

Cross-site Scripting (XSS) - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

▶CVEListV5nuxt/nuxt_frameworkunspecified — v3.0.0-rc.13

GHSA

GHSA-655c-fv7v-c7p7: Cross-site Scripting (XSS) - DOM in GitHub repository nuxt/framework prior to v3↗2022-12-12

▶