CVE-2022-40002

Published: Dec 15, 2022
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-40002" target="_blank" rel="noopener"> CVE-2022-40002
GHSA: <a href="https://github.com/advisories/GHSA-6vh6-72g6-xqx2" target="_blank" rel="noopener"> GHSA-6vh6-72g6-xqx2
Severity: Medium
Exploit:

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify.