What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3.
CVE-2022-3072
HIGH
CVE-2022-3072: Cross-site Scripting (XSS) - Stored in francoisjacquet/rosariosis
CVSS base score
8.0/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
September 1, 2022
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-3066 Elegant Addons for elementor <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML tags
CVE-2026-31859 Craft has Reflective XSS via incomplete return URL sanitization
CVE-2024-7990 Stored Cross-Site Scripting in open-webui/open-webui
CVE-2022-34315 IBM CICS TX cross-site scripting
CVE-2023-26517 WordPress Dashboard Widgets Suite Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS)
