CVE-2022-23458 MEDIUM

CVE-2022-23458: Toast UI Grid vulnerable to Cross-site scripting

Vendor Nhn
Product tui.grid
Weakness CWE-79 · XSS
Published September 22, 2022
Last update April 22, 2025

CVSS base score

6.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Toast UI Grid is a component to display and edit data. Versions prior to 4.21.3 are vulnerable to cross-site scripting attacks when pasting specially crafted content into editable cells. This issue was fixed in version 4.21.3. There are no known workarounds.

Key dates

02Disclosure timeline

September 22, 2022 CVE published
April 22, 2025 Record updated

Related vulnerabilities

04Related CVE