CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1439

Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.342

EPSS Ranking 96.8%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 4.3

References

Products affected by CVE-2022-1439

Microweber » Microweber » Version: N/A

cpe:2.3:a:microweber:microweber:-
Microweber » Microweber » Version: 0.750

cpe:2.3:a:microweber:microweber:0.750
Microweber » Microweber » Version: 0.8

cpe:2.3:a:microweber:microweber:0.8
Microweber » Microweber » Version: 0.823

cpe:2.3:a:microweber:microweber:0.823
Microweber » Microweber » Version: 0.830

cpe:2.3:a:microweber:microweber:0.830
Microweber » Microweber » Version: 0.9.346

cpe:2.3:a:microweber:microweber:0.9.346
Microweber » Microweber » Version: 0.93

cpe:2.3:a:microweber:microweber:0.93
Microweber » Microweber » Version: 0.931

cpe:2.3:a:microweber:microweber:0.931
Microweber » Microweber » Version: 0.934

cpe:2.3:a:microweber:microweber:0.934
Microweber » Microweber » Version: 0.95

cpe:2.3:a:microweber:microweber:0.95
Microweber » Microweber » Version: 0.951

cpe:2.3:a:microweber:microweber:0.951
Microweber » Microweber » Version: 1.0.3

cpe:2.3:a:microweber:microweber:1.0.3
Microweber » Microweber » Version: 1.0.4

cpe:2.3:a:microweber:microweber:1.0.4
Microweber » Microweber » Version: 1.0.5

cpe:2.3:a:microweber:microweber:1.0.5
Microweber » Microweber » Version: 1.0.6

cpe:2.3:a:microweber:microweber:1.0.6
Microweber » Microweber » Version: 1.0.7

cpe:2.3:a:microweber:microweber:1.0.7
Microweber » Microweber » Version: 1.0.8

cpe:2.3:a:microweber:microweber:1.0.8
Microweber » Microweber » Version: 1.1

cpe:2.3:a:microweber:microweber:1.1
Microweber » Microweber » Version: 1.1.18

cpe:2.3:a:microweber:microweber:1.1.18
Microweber » Microweber » Version: 1.1.20

cpe:2.3:a:microweber:microweber:1.1.20
Microweber » Microweber » Version: 1.1.3

cpe:2.3:a:microweber:microweber:1.1.3
Microweber » Microweber » Version: 1.2.10

cpe:2.3:a:microweber:microweber:1.2.10
Microweber » Microweber » Version: 1.2.11

cpe:2.3:a:microweber:microweber:1.2.11
Microweber » Microweber » Version: 1.2.12

cpe:2.3:a:microweber:microweber:1.2.12
Microweber » Microweber » Version: 1.2.13

cpe:2.3:a:microweber:microweber:1.2.13
Microweber » Microweber » Version: 1.2.14

cpe:2.3:a:microweber:microweber:1.2.14
Microweber » Microweber » Version: 1.2.3

cpe:2.3:a:microweber:microweber:1.2.3
Microweber » Microweber » Version: 1.2.4

cpe:2.3:a:microweber:microweber:1.2.4
Microweber » Microweber » Version: 1.2.5

cpe:2.3:a:microweber:microweber:1.2.5
Microweber » Microweber » Version: 1.2.6

cpe:2.3:a:microweber:microweber:1.2.6
Microweber » Microweber » Version: 1.2.7

cpe:2.3:a:microweber:microweber:1.2.7
Microweber » Microweber » Version: 1.2.8

cpe:2.3:a:microweber:microweber:1.2.8
Microweber » Microweber » Version: 1.2.9

cpe:2.3:a:microweber:microweber:1.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1439

Products

Pricing

Contact Us