Vulnerabilities

CVE-2022-46769

by Fred · 09/01/2023

An improper neutralization of input during web page generation (‘Cross-site Scripting’) [CWE-79] vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in the site group feature. Upgrade to Apache Sling App CMS >= 1.1.4

Date published : 2023-01-09

https://sling.apache.org/news.html

Similar

Tags: Cybersecurity Alert