CVE-2022-2028 HIGH

CVE-2022-2028: Cross-site Scripting (XSS) - Generic in kromitgmbh/titra

Vendor Kromitgmbh
Product kromitgmbh/titra
Weakness CWE-79 · XSS
Published June 8, 2022
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

8.2/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Generic in GitHub repository kromitgmbh/titra prior to 0.77.0.

Key dates

02Disclosure timeline

June 8, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-50551 WordPress EndomondoWP plugin <= 0.1.1 - Stored Cross Site Scripting (XSS) vulnerability CVE-2025-22632 WordPress WooCommerce Pricing – Product Pricing plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability CVE-2025-3878 SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via sa_verify Shortcode CVE-2022-0640 AP Pricing Tables Lite < 1.1.5 - Reflected Cross-Site Scripting CVE-2025-9388 Scada-LTS watch_list.shtm cross site scripting