Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2022-3245

HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input.

Published: Sep 20, 2022
Updated: May 9, 2024
CVE: CVE-2022-3245
GHSA: GHSA-gm8c-w9cm-c445
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-94
CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
microweber / microweber	-	1.3.2
microweber / microweber	-	1.3.2

https://github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfc
https://huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo