What the vulnerability does
01Description
Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0378
HIGH
CVE-2022-0378: Cross-site Scripting (XSS) - Reflected in microweber/microweber
CVSS base score
7.1/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
Key dates
02Disclosure timeline
January 26, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-37166 ghtml Cross-Site Scripting (XSS) vulnerability
CVE-2026-25491 Craft has a Stored XSS in Entry Types Name
CVE-2026-27901 Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent`
CVE-2024-36187 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2025-9107 Portabilis i-Diario search_autocomplete cross site scripting
