What the vulnerability does
01Description
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0723
HIGH
CVE-2022-0723: Cross-site Scripting (XSS) - Reflected in microweber/microweber
CVSS base score
8.0/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
February 26, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-64538 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
CVE-2025-22354 WordPress Digi Store theme <= 1.1.4 - Cross Site Scripting (XSS) vulnerability
CVE-2026-25496 Craft has a stored XSS in Number Prefix & Suffix Fields
CVE-2023-0708 Metform Elementor Contact Form Builder <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mf_first_name shortcode
CVE-2025-22684 WordPress WP BASE Booking plugin <= 5.0.0 - Cross Site Scripting (XSS) vulnerability
