Vulnerability Details CVE-2022-39824
Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute arbitrary JavaScript code from the server via the currentItem property of the list widget, e.g., to perform DoS attacks or achieve an information leak.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.7%
CVSS Severity
CVSS v3 Score 8.9
References
Products affected by CVE-2022-39824
-
cpe:2.3:a:appsmith:appsmith:0.0.1.30
-
cpe:2.3:a:appsmith:appsmith:0.1.10
-
cpe:2.3:a:appsmith:appsmith:0.1.11
-
cpe:2.3:a:appsmith:appsmith:0.1.12
-
cpe:2.3:a:appsmith:appsmith:0.1.13
-
cpe:2.3:a:appsmith:appsmith:0.1.14
-
cpe:2.3:a:appsmith:appsmith:0.1.15
-
cpe:2.3:a:appsmith:appsmith:0.1.16
-
cpe:2.3:a:appsmith:appsmith:0.1.17
-
cpe:2.3:a:appsmith:appsmith:0.1.18
-
cpe:2.3:a:appsmith:appsmith:0.1.19
-
cpe:2.3:a:appsmith:appsmith:0.1.20
-
cpe:2.3:a:appsmith:appsmith:0.1.21
-
cpe:2.3:a:appsmith:appsmith:0.1.22
-
cpe:2.3:a:appsmith:appsmith:0.1.23
-
cpe:2.3:a:appsmith:appsmith:0.1.24
-
cpe:2.3:a:appsmith:appsmith:0.1.25
-
cpe:2.3:a:appsmith:appsmith:0.1.26
-
cpe:2.3:a:appsmith:appsmith:0.1.27
-
cpe:2.3:a:appsmith:appsmith:0.1.28
-
cpe:2.3:a:appsmith:appsmith:0.1.29
-
cpe:2.3:a:appsmith:appsmith:0.1.31
-
cpe:2.3:a:appsmith:appsmith:0.1.32
-
cpe:2.3:a:appsmith:appsmith:0.1.33
-
cpe:2.3:a:appsmith:appsmith:0.1.34
-
cpe:2.3:a:appsmith:appsmith:0.1.35
-
cpe:2.3:a:appsmith:appsmith:0.1.36
-
cpe:2.3:a:appsmith:appsmith:0.1.37
-
cpe:2.3:a:appsmith:appsmith:0.1.38
-
cpe:2.3:a:appsmith:appsmith:0.1.6.23
-
cpe:2.3:a:appsmith:appsmith:0.1.6.25
-
cpe:2.3:a:appsmith:appsmith:0.2
-
cpe:2.3:a:appsmith:appsmith:0.3
-
cpe:2.3:a:appsmith:appsmith:0.4
-
cpe:2.3:a:appsmith:appsmith:0.5
-
cpe:2.3:a:appsmith:appsmith:0.6
-
cpe:2.3:a:appsmith:appsmith:1.0
-
cpe:2.3:a:appsmith:appsmith:1.0.0
-
cpe:2.3:a:appsmith:appsmith:1.0.1
-
cpe:2.3:a:appsmith:appsmith:1.0.2
-
cpe:2.3:a:appsmith:appsmith:1.1
-
cpe:2.3:a:appsmith:appsmith:1.2
-
cpe:2.3:a:appsmith:appsmith:1.2.1
-
cpe:2.3:a:appsmith:appsmith:1.2.10
-
cpe:2.3:a:appsmith:appsmith:1.2.11
-
cpe:2.3:a:appsmith:appsmith:1.2.12
-
cpe:2.3:a:appsmith:appsmith:1.2.13
-
cpe:2.3:a:appsmith:appsmith:1.2.14
-
cpe:2.3:a:appsmith:appsmith:1.2.15
-
cpe:2.3:a:appsmith:appsmith:1.2.16
-
cpe:2.3:a:appsmith:appsmith:1.2.17
-
cpe:2.3:a:appsmith:appsmith:1.2.18
-
cpe:2.3:a:appsmith:appsmith:1.2.19
-
cpe:2.3:a:appsmith:appsmith:1.2.2
-
cpe:2.3:a:appsmith:appsmith:1.2.20
-
cpe:2.3:a:appsmith:appsmith:1.2.21
-
cpe:2.3:a:appsmith:appsmith:1.2.22
-
cpe:2.3:a:appsmith:appsmith:1.2.23
-
cpe:2.3:a:appsmith:appsmith:1.2.24
-
cpe:2.3:a:appsmith:appsmith:1.2.25
-
cpe:2.3:a:appsmith:appsmith:1.2.3
-
cpe:2.3:a:appsmith:appsmith:1.2.4
-
cpe:2.3:a:appsmith:appsmith:1.2.5
-
cpe:2.3:a:appsmith:appsmith:1.2.6
-
cpe:2.3:a:appsmith:appsmith:1.2.7
-
cpe:2.3:a:appsmith:appsmith:1.2.8
-
cpe:2.3:a:appsmith:appsmith:1.2.9
-
cpe:2.3:a:appsmith:appsmith:1.3
-
cpe:2.3:a:appsmith:appsmith:1.3.1
-
cpe:2.3:a:appsmith:appsmith:1.3.2
-
cpe:2.3:a:appsmith:appsmith:1.3.3
-
cpe:2.3:a:appsmith:appsmith:1.3.4
-
cpe:2.3:a:appsmith:appsmith:1.3.5
-
cpe:2.3:a:appsmith:appsmith:1.3.5.1
-
cpe:2.3:a:appsmith:appsmith:1.4
-
cpe:2.3:a:appsmith:appsmith:1.4.1
-
cpe:2.3:a:appsmith:appsmith:1.4.10
-
cpe:2.3:a:appsmith:appsmith:1.4.2
-
cpe:2.3:a:appsmith:appsmith:1.4.3
-
cpe:2.3:a:appsmith:appsmith:1.4.4
-
cpe:2.3:a:appsmith:appsmith:1.4.5
-
cpe:2.3:a:appsmith:appsmith:1.4.6
-
cpe:2.3:a:appsmith:appsmith:1.4.7
-
cpe:2.3:a:appsmith:appsmith:1.4.8
-
cpe:2.3:a:appsmith:appsmith:1.4.9
-
cpe:2.3:a:appsmith:appsmith:1.5
-
cpe:2.3:a:appsmith:appsmith:1.5.1
-
cpe:2.3:a:appsmith:appsmith:1.5.10
-
cpe:2.3:a:appsmith:appsmith:1.5.11
-
cpe:2.3:a:appsmith:appsmith:1.5.12
-
cpe:2.3:a:appsmith:appsmith:1.5.13
-
cpe:2.3:a:appsmith:appsmith:1.5.14
-
cpe:2.3:a:appsmith:appsmith:1.5.15
-
cpe:2.3:a:appsmith:appsmith:1.5.16
-
cpe:2.3:a:appsmith:appsmith:1.5.17
-
cpe:2.3:a:appsmith:appsmith:1.5.18
-
cpe:2.3:a:appsmith:appsmith:1.5.19
-
cpe:2.3:a:appsmith:appsmith:1.5.2
-
cpe:2.3:a:appsmith:appsmith:1.5.20
-
cpe:2.3:a:appsmith:appsmith:1.5.21
-
cpe:2.3:a:appsmith:appsmith:1.5.22
-
cpe:2.3:a:appsmith:appsmith:1.5.23
-
cpe:2.3:a:appsmith:appsmith:1.5.24
-
cpe:2.3:a:appsmith:appsmith:1.5.25
-
cpe:2.3:a:appsmith:appsmith:1.5.26
-
cpe:2.3:a:appsmith:appsmith:1.5.27
-
cpe:2.3:a:appsmith:appsmith:1.5.28
-
cpe:2.3:a:appsmith:appsmith:1.5.29
-
cpe:2.3:a:appsmith:appsmith:1.5.3
-
cpe:2.3:a:appsmith:appsmith:1.5.3.1
-
cpe:2.3:a:appsmith:appsmith:1.5.3.2
-
cpe:2.3:a:appsmith:appsmith:1.5.3.3
-
cpe:2.3:a:appsmith:appsmith:1.5.30
-
cpe:2.3:a:appsmith:appsmith:1.5.4
-
cpe:2.3:a:appsmith:appsmith:1.5.5
-
cpe:2.3:a:appsmith:appsmith:1.5.6
-
cpe:2.3:a:appsmith:appsmith:1.5.7
-
cpe:2.3:a:appsmith:appsmith:1.5.8
-
cpe:2.3:a:appsmith:appsmith:1.5.9
-
cpe:2.3:a:appsmith:appsmith:1.6.0
-
cpe:2.3:a:appsmith:appsmith:1.6.1
-
cpe:2.3:a:appsmith:appsmith:1.6.10
-
cpe:2.3:a:appsmith:appsmith:1.6.11
-
cpe:2.3:a:appsmith:appsmith:1.6.12
-
cpe:2.3:a:appsmith:appsmith:1.6.13
-
cpe:2.3:a:appsmith:appsmith:1.6.14
-
cpe:2.3:a:appsmith:appsmith:1.6.15
-
cpe:2.3:a:appsmith:appsmith:1.6.16
-
cpe:2.3:a:appsmith:appsmith:1.6.17
-
cpe:2.3:a:appsmith:appsmith:1.6.18
-
cpe:2.3:a:appsmith:appsmith:1.6.19
-
cpe:2.3:a:appsmith:appsmith:1.6.2
-
cpe:2.3:a:appsmith:appsmith:1.6.20
-
cpe:2.3:a:appsmith:appsmith:1.6.21
-
cpe:2.3:a:appsmith:appsmith:1.6.22
-
cpe:2.3:a:appsmith:appsmith:1.6.3
-
cpe:2.3:a:appsmith:appsmith:1.6.4
-
cpe:2.3:a:appsmith:appsmith:1.6.5
-
cpe:2.3:a:appsmith:appsmith:1.6.6
-
cpe:2.3:a:appsmith:appsmith:1.6.7
-
cpe:2.3:a:appsmith:appsmith:1.6.8
-
cpe:2.3:a:appsmith:appsmith:1.6.9
-
cpe:2.3:a:appsmith:appsmith:1.7.0
-
cpe:2.3:a:appsmith:appsmith:1.7.1
-
cpe:2.3:a:appsmith:appsmith:1.7.10
-
cpe:2.3:a:appsmith:appsmith:1.7.11
-
cpe:2.3:a:appsmith:appsmith:1.7.12
-
cpe:2.3:a:appsmith:appsmith:1.7.13
-
cpe:2.3:a:appsmith:appsmith:1.7.14
-
cpe:2.3:a:appsmith:appsmith:1.7.2
-
cpe:2.3:a:appsmith:appsmith:1.7.3
-
cpe:2.3:a:appsmith:appsmith:1.7.4
-
cpe:2.3:a:appsmith:appsmith:1.7.5
-
cpe:2.3:a:appsmith:appsmith:1.7.6
-
cpe:2.3:a:appsmith:appsmith:1.7.7
-
cpe:2.3:a:appsmith:appsmith:1.7.8
-
cpe:2.3:a:appsmith:appsmith:1.7.9