VYPR
leads to cross site scripting. It is possible to initiate the attack remotely","datePublished":"2022-04-29T07:40:10Z","dateModified":"2025-04-15T14:41:04.618Z","publisher":{"@type":"Organization","@id":"https://portal.vyprsec.ai#publisher","name":"VYPR","url":"https://portal.vyprsec.ai","logo":{"@type":"ImageObject","url":"https://portal.vyprsec.ai/icon.svg","width":64,"height":64},"description":"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights."},"author":{"@type":"Organization","@id":"https://portal.vyprsec.ai#publisher","name":"VYPR","url":"https://portal.vyprsec.ai","logo":{"@type":"ImageObject","url":"https://portal.vyprsec.ai/icon.svg","width":64,"height":64},"description":"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights."},"proficiencyLevel":"Expert","about":{"@type":"Thing","@id":"https://nvd.nist.gov/vuln/detail/CVE-2022-1526","name":"CVE-2022-1526","identifier":"CVE-2022-1526","description":"A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. This affects the POST parameter handling of articles. The manipulation with the input leads to cross site scripting. It is possible to initiate the attack remotely but it requires a signup and login by the attacker. The exploit has been disclosed to the public and may be used.","additionalType":"https://schema.org/SoftwareApplication","sameAs":["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1526"]},"keywords":"CVE-2022-1526, Ultimate Project Manager CRM PRO, Unspecified Emlog","mentions":[{"@type":"SoftwareApplication","name":"PRO","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Ultimate Project Manager CRM"}},{"@type":"SoftwareApplication","name":"Emlog","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Unspecified"}}],"isAccessibleForFree":true},{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://portal.vyprsec.ai/"},{"@type":"ListItem","position":2,"name":"CVEs","item":"https://portal.vyprsec.ai/cves"},{"@type":"ListItem","position":3,"name":"CVE-2022-1526","item":"https://portal.vyprsec.ai/cves/CVE-2022-1526"}]}]}
Unrated severityNVD Advisory· Published Apr 29, 2022· Updated Apr 15, 2025

Emlog Pro POST Parameter cross site scripting

CVE-2022-1526

Description

A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. This affects the POST parameter handling of articles. The manipulation with the input leads to cross site scripting. It is possible to initiate the attack remotely but it requires a signup and login by the attacker. The exploit has been disclosed to the public and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.