Security Advisory

CVE-2022-23045

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-19 20:38:57

Last updated 2024-08-03 03:28:43

Assigner Fluid Attacks

State PUBLISHED

Description

PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent JavaScript code inside the "Site title" parameter while updating the site settings. The "Site title" setting is injected in several locations which triggers the XSS.

← Browse all CVEs View on cve.org ↗