Moderate severityNVD Advisory· Published Feb 5, 2022· Updated Aug 2, 2024
Cross-site Scripting (XSS) - Reflected in ptrofimov/beanstalk_console
CVE-2022-0501
Description
Cross-site Scripting (XSS) - Reflected in Packagist ptrofimov/beanstalk_console prior to 1.7.12.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ptrofimov/beanstalk_consolePackagist | < 1.7.12 | 1.7.12 |
Affected products
1- Range: unspecified
Patches
11 file changed · +1 −1
lib/include.php+1 −1 modified@@ -19,7 +19,7 @@ function autoload_class($class) { require_once dirname(__FILE__) . '/../config.php'; require_once dirname(__FILE__) . '/../src/Storage.php'; -$GLOBALS['server'] = !empty($_GET['server']) ? $_GET['server'] : ''; +$GLOBALS['server'] = !empty($_GET['server']) ? htmlspecialchars($_GET['server']) : ''; $GLOBALS['action'] = !empty($_GET['action']) ? $_GET['action'] : ''; $GLOBALS['state'] = !empty($_GET['state']) ? $_GET['state'] : ''; $GLOBALS['count'] = !empty($_GET['count']) ? $_GET['count'] : '';
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-gj85-pvp5-mvf9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-0501ghsaADVISORY
- github.com/ptrofimov/beanstalk_console/commit/e351c8260ec1d3718d9e475ee57c7e12c47f19daghsax_refsource_MISCWEB
- huntr.dev/bounties/9af1c35e-3f74-4c93-a241-e8be01335ec7ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.