CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Kiwitcms: >> Kiwi Tcms >> 10.4 Security Vulnerabilities

CVE-2022-4105

A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page.

CVSS Score

7.1

EPSS Score

0.001

Published

2022-11-21

Page 2

Vulnerabilities

Vulnerable Software

Kiwitcms: >> Kiwi Tcms >> 10.4 Security Vulnerabilities

Products

Pricing

Contact Us