CVE-2022-3245

medium

Description

HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input.

References

https://huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0

https://github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfc

Details

Source: Mitre, NVD

Published: 2022-09-20

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00368