Security Advisory

CVE-2022-2514

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-25 13:42:34

Last updated 2024-08-03 00:39:08

Assigner @huntrdev

State PUBLISHED

Description

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim.

← Browse all CVEs View on cve.org ↗