Back to search
CVE-2022-37431
Published: Aug 5, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false. NOTE: the vendor disputes this because the current product behavior, in effect, has XSS_PROTECTION_ENABLED=true in all configurations
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://fortiguard.fortinet.com/zeroday/FG-VD-22-062
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now