CVE-2022-25022

A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post.
References
Link Resource
http://danpros.com Third Party Advisory
https://youtu.be/acookTqf3Nc Exploit Third Party Advisory
http://htmly.com Product
https://www.cvedetails.com/cve/CVE-2021-36703/ Third Party Advisory
https://github.com/MoritzHuppert/CVE-2022-25022/blob/main/CVE-2022-25022.pdf Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:htmly:htmly:2.8.1:*:*:*:*:*:*:*

Information

Published : 2022-02-28 18:15

Updated : 2022-03-08 16:43


NVD link : CVE-2022-25022

Mitre link : CVE-2022-25022


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

htmly

  • htmly