CVE-2022-42960

EqualWeb Accessibility Widget 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.10, 3.0.0, 3.0.1, 3.0.2, 4.0.0, and 4.0.1 allows DOM XSS due to improper validation of message events to accessibility.js.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:equalweb:equalweb_accessibility_widget:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:2.1.10:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:equalweb:equalweb_accessibility_widget:2.0.0:*:*:*:*:*:*:*

Information

Published : 2022-11-16 16:15

Updated : 2022-11-21 10:23


NVD link : CVE-2022-42960

Mitre link : CVE-2022-42960


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

equalweb

  • equalweb_accessibility_widget