AskarLabs AskarLabs
Home

CMS Security

vs vScan Continuous CMS vulnerability scanning wa WP-Audit Wordpress Security Audit Tool

Identity & Access

pl PasswordLab Self-hosted password manager for business
Docs

Browse

all All CVEs Full database, no filters wp WooCommerce CVEs Plugins wp Elementor CVEs Plugins

By Platform

wp WordPress CVEs Plugins, themes & core jm Joomla CVEs Extensions & core dr Drupal CVEs Modules & core
Talk to us
Home / CVE Database / CVE-2022-4336
CVE-2022-4336

CVE-2022-4336

Vendor N/A
Product Baota
Weakness CWE-79 · XSS
Published December 9, 2022
Last update April 14, 2025
View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In BAOTA linux panel there exists a stored xss vulnerability attackers can use to obtain sensitive information via the log analysis feature.

Key dates

02Disclosure timeline

December 9, 2022 CVE published
April 14, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-4336 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-3463 SourceCodester Laundry Management System edit cross site scripting CVE-2025-53290 WordPress WP Visual Sitemap plugin <= 1.0.2 - Cross Site Scripting (XSS) Vulnerability CVE-2024-23349 Apache Answer: XSS vulnerability when submitting summary CVE-2024-5451 The7 — Website and eCommerce Builder for WordPress <= 11.13.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute CVE-2021-36829 WordPress Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Identifiers

CVE CVE-2022-4336
CWE CWE-79

Affected versions

Vendor N/A
Product Baota
Affected BAOTA linux panel 7.9.4-7.9.5
ASKARLABS
AskarLabs

We build essential tools for the teams keeping things running - quiet, honest software for the sites you ship and the secrets your team types every day.

CMS Security

  • vScan
  • WP-Audit

Identity & Access

  • PasswordLab
  • Features
  • Pricing
  • Free license

Resources

  • Docs
  • CVE Database
  • WordPress CVEs
  • Joomla CVEs
  • Drupal CVEs

Company

  • Contact
  • Security

Legal

  • Privacy
  • Terms
  • Cookies
  • GDPR
© 2026 AskarLabs. All trademarks are the property of their respective owners.
AskarLabs
CMS Security
vScan WP Audit
Identity & Access
PasswordLab Docs
CVE Database
All CVEs WordPress CVEs Joomla CVEs Drupal CVEs Talk to us