Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1536

April 29, 2022, 1:15 p.m. |

National Vulnerability Database nist.gov

A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home</title><script>alert("home")</script><title> leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used.

cve

Senior Product Security Engineer

@ Panther Labs | United States

Lead, DevSecOps

@ Hex Trust | Singapore, Singapore, Singapore

Information Security GRC Lead

@ Bud | London, England, United Kingdom

Security Analyst

@ AnaVation | Quantico, VA

Security Engineer

@ Homebase | Atlanta, Georgia, United States

Principal Offensive Cloud Security Engineer

@ Uptycs | Remote, USA

Security Engineer

@ AnaVation | Quantico, VA

Information Systems Security Manager

@ Barbaricum | Washington, DC

Cloud Engineer - GCP Security Specialist

@ DoiT International | Remote Israel

Security Operations Analyst - Compliance

@ Algolia | London, England

GRC Lead - Software Compliance

@ Ivanti | United States

Security Administrator

@ Trusting Social | Ho Chi Minh City, Ho Chi Minh City, Vietnam