What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1.
CVE-2022-0145
MEDIUM
CVE-2022-0145: Cross-site Scripting (XSS) - Stored in forkcms/forkcms
CVSS base score
6.8/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Key dates
02Disclosure timeline
March 24, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-36235 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
CVE-2025-30595 WordPress include-file plugin <= 1 Cross Site Scripting (XSS) Vulnerability
CVE-2025-23454 WordPress Nature FlipBook WordPress Plugin plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2026-42548 Flight: Reflected XSS via unvalidated JSONP callback in Flight::jsonp()
CVE-2024-11004
