CVE-2022-1414

3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticated user could use this flaw to inject scripts and possibly gain access to sensitive information or conduct further attacks.

Published: Oct 19, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-1414
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
redhat / 3scale_api_management	2.0	2.0.x

https://access.redhat.com/security/cve/CVE-2022-1414
https://bugzilla.redhat.com/show_bug.cgi?id=2076794

Vulnerability Database

289,599

CVE-2022-1414