CVE-2022-3193

CVE-2022-3193

Vendor N/A
Product ovirt-engine
Weakness CWE-79 · XSS
Published September 28, 2022
Last update May 20, 2025
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine. A parameter "error_description" fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages.

Key dates

02Disclosure timeline

September 28, 2022 CVE published
May 20, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2022-1320 Sliderby10Web < 1.2.52 - Admin+ Stored Cross-Site Scripting CVE-2024-52839 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) CVE-2023-48489 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) CVE-2024-34793 WordPress WP Next Post Navi plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability CVE-2025-58661 WordPress eZee Online Hotel Booking Engine Plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability