CVE-2022-4975

HIGH Year: 2022
CVSS v3 Score
8.9
High
Weakness Type
CWE-79
View all →

Vulnerability Description

A flaw was found in the Red Hat Advanced Cluster Security (RHACS) portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/* endpoints, the front-end generates a DOM table-element (id="pdf-table"). This information is then populated with unsanitized data using innerHTML. An attacker with some control over the data rendered can trigger a cross-site scripting (XSS) vulnerability.

Related Vulnerabilities

CVE-2020-24897

HIGH
CVSS:8.9(High)

The Table Filter and Charts for Confluence Server app before 5.3.25 (for Atlassian Confluence) allow remote attackers to inject arbitrary HTML or JavaScript via cross site scripting (XSS) through the ...

CWE-792020

CVE-2020-26280

HIGH
CVSS:8.9(High)

OpenSlides is a free, Web-based presentation and assembly system for managing and projecting agenda, motions, and elections of assemblies. OpenSlides version 3.2, due to unsufficient user input valida...

CWE-792020

CVE-2020-8773

HIGH
CVSS:8.9(High)

The Richtext Editor in Pega Platform before 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability.

CWE-792020

CVE-2020-8775

HIGH
CVSS:8.9(High)

Pega Platform before version 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the comment tags.

CWE-792020

CVE-2022-39824

HIGH
CVSS:8.9(High)

Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute arbitrary JavaScript code from the server via the currentItem property of the list widget, e.g., to perfo...

CWE-792022

CVE-2023-5351

HIGH
CVSS:8.9(High)

Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1.

CWE-792023