Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor F5 Subscribe
Filtered by product Nginx Controller Api Management
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-23008 1 F5 1 Nginx Controller Api Management 2022-02-01 5.5 MEDIUM 8.1 HIGH
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.