VYPR
leads to a cross site scripting. The attack can ","datePublished":"2022-04-29T13:10:12Z","dateModified":"2025-04-15T14:40:54.853Z","publisher":{"@type":"Organization","@id":"https://portal.vyprsec.ai#publisher","name":"VYPR","url":"https://portal.vyprsec.ai","logo":{"@type":"ImageObject","url":"https://portal.vyprsec.ai/icon.svg","width":64,"height":64},"description":"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights."},"author":{"@type":"Organization","@id":"https://portal.vyprsec.ai#publisher","name":"VYPR","url":"https://portal.vyprsec.ai","logo":{"@type":"ImageObject","url":"https://portal.vyprsec.ai/icon.svg","width":64,"height":64},"description":"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights."},"proficiencyLevel":"Expert","about":{"@type":"Thing","@id":"https://nvd.nist.gov/vuln/detail/CVE-2022-1536","name":"CVE-2022-1536","identifier":"CVE-2022-1536","description":"A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used.","additionalType":"https://schema.org/SoftwareApplication","sameAs":["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1536"]},"keywords":"CVE-2022-1536, Automad Automad, unspecified automad","mentions":[{"@type":"SoftwareApplication","name":"Automad","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Automad"}},{"@type":"SoftwareApplication","name":"automad","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"unspecified"}}],"isAccessibleForFree":true},{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://portal.vyprsec.ai/"},{"@type":"ListItem","position":2,"name":"CVEs","item":"https://portal.vyprsec.ai/cves"},{"@type":"ListItem","position":3,"name":"CVE-2022-1536","item":"https://portal.vyprsec.ai/cves/CVE-2022-1536"}]}]}</script><div class="text-[12px] text-ink-subtle"><a class="hover:text-ink underline decoration-ink/30 underline-offset-2" href="/cves">← All advisories</a></div><header class="space-y-4 border-b border-line pb-6"><div class="flex items-center gap-2 flex-wrap"><span class="inline-flex items-center gap-2 text-[11px] uppercase tracking-[0.14em] font-bold border px-2.5 py-1 bg-cream-dark/40 text-ink-subtle border-line">Unrated<!-- --> severity</span><span class="text-[10px] uppercase tracking-[0.18em] font-mono font-semibold text-ink-subtle ml-1">NVD Advisory</span><span class="text-[10px] uppercase tracking-[0.16em] text-ink-subtle font-mono">· Published <!-- -->Apr 29, 2022</span><span class="text-[10px] uppercase tracking-[0.16em] text-ink-subtle font-mono">· Updated <!-- -->Apr 15, 2025</span></div><h1 class="vyc-display text-3xl sm:text-4xl text-ink leading-[1.15] max-w-4xl">automad Dashboard cross site scripting</h1><div class="flex items-center gap-3 flex-wrap text-[12px] text-ink-subtle font-mono"><span class="text-ink font-semibold">CVE-2022-1536</span></div></header><div class="grid grid-cols-1 lg:grid-cols-12 gap-10"><div class="lg:col-span-8 space-y-10"><section><header class="mb-4 flex items-baseline gap-3"><h2 class="vyc-display text-xl text-ink">Description</h2></header><div class="space-y-4 text-[15px] leading-[1.7] text-ink"><p class="text-ink-muted leading-relaxed">A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used.</p></div></section><section><header class="mb-4 flex items-baseline gap-3"><h2 class="vyc-display text-xl text-ink">AI Insight</h2></header><p class="text-[12px] text-ink-subtle -mt-2 mb-4 leading-relaxed">LLM-synthesized narrative grounded in this CVE's description and references.</p><div aria-hidden="true" class="flex flex-col gap-2.5"><div class="h-3 rounded-sm bg-ink/10 animate-pulse w-[96%]"></div><div class="h-3 rounded-sm bg-ink/10 animate-pulse w-[90%]"></div><div class="h-3 rounded-sm bg-ink/10 animate-pulse w-[93%]"></div><div class="h-3 rounded-sm bg-ink/10 animate-pulse w-[72%]"></div></div></section><section><header class="mb-4 flex items-baseline gap-3"><h2 class="vyc-display text-xl text-ink">Affected products</h2><span class="text-[12px] text-ink-subtle font-mono tabular-nums">2</span></header><ul class="divide-y divide-line border-y border-line"><li class="py-2 flex items-start justify-between gap-4"><div class="min-w-0 flex-1"><div class="flex flex-wrap items-baseline gap-x-2 gap-y-1 text-[14px]"><a class="font-medium text-ink underline decoration-ink/30 underline-offset-2 hover:decoration-ink" href="/vendors/automad">Automad</a><span class="text-ink-subtle">/</span><a class="font-medium text-ink underline decoration-ink/30 underline-offset-2 hover:decoration-ink" href="/products/29394">Automad</a><span title="source: llm-fuzzy" class="text-[10px] uppercase tracking-[0.14em] font-semibold text-ink-subtle border border-line px-1.5 py-0.5">llm-fuzzy</span></div><div class="text-[12px] text-ink-muted mt-0.5"><span class="text-ink-subtle">Range:</span> <span class="font-mono"><=1.10.9</span></div></div></li><li class="py-2 flex items-start justify-between gap-4"><div class="min-w-0 flex-1"><div class="flex flex-wrap items-baseline gap-x-2 gap-y-1 text-[14px]"><span class="font-medium text-ink-muted" title="Vendor name from advisory; not yet mapped to a canonical company">unspecified</span><span class="text-ink-subtle">/</span><span class="font-medium text-ink-muted" title="Product name from advisory; not yet mapped to a canonical product">automad</span><span title="source: v5" class="text-[10px] uppercase tracking-[0.14em] font-semibold text-ink-subtle border border-line px-1.5 py-0.5">v5</span></div><div class="text-[12px] text-ink-muted mt-0.5"><span class="text-ink-subtle">Range:</span> <span class="font-mono">1.10.0</span></div></div></li></ul></section><section><header class="mb-4 flex items-baseline gap-3"><h2 class="vyc-display text-xl text-ink">Patches</h2></header><div aria-hidden="true" class="flex flex-col gap-2.5"><div class="h-3 rounded-sm bg-ink/10 animate-pulse w-[80%]"></div><div class="h-3 rounded-sm bg-ink/10 animate-pulse w-[65%]"></div></div></section><section><header class="mb-4 flex items-baseline gap-3"><h2 class="vyc-display text-xl text-ink">Vulnerability mechanics</h2></header><div aria-hidden="true" class="flex flex-col gap-2.5"><div class="h-3 rounded-sm bg-ink/10 animate-pulse w-[80%]"></div><div class="h-3 rounded-sm bg-ink/10 animate-pulse w-[65%]"></div></div></section><section><header class="mb-4 flex items-baseline gap-3"><h2 class="vyc-display text-xl text-ink">References</h2><span class="text-[12px] text-ink-subtle font-mono tabular-nums">2</span></header><ul class="divide-y divide-line border-y border-line"><li class="py-2 leading-snug flex flex-wrap items-baseline gap-x-2 gap-y-0.5"><a href="https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting%28XSS%29.md" target="_blank" rel="noreferrer" class="text-[14px] text-ink underline decoration-ink/30 underline-offset-2 hover:decoration-ink break-all">github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting%28XSS%29.md</a><span class="flex flex-wrap items-center gap-1.5 text-[10px] uppercase tracking-[0.12em] text-ink-subtle font-mono"><span>mitre</span><span class="border border-line px-1 py-px">x_refsource_MISC</span></span></li><li class="py-2 leading-snug flex flex-wrap items-baseline gap-x-2 gap-y-0.5"><a href="https://vuldb.com/?id.198706" target="_blank" rel="noreferrer" class="text-[14px] text-ink underline decoration-ink/30 underline-offset-2 hover:decoration-ink break-all">vuldb.com</a><span class="flex flex-wrap items-center gap-1.5 text-[10px] uppercase tracking-[0.12em] text-ink-subtle font-mono"><span>mitre</span><span class="border border-line px-1 py-px">x_refsource_MISC</span></span></li></ul></section><section><header class="mb-4 flex items-baseline gap-3"><h2 class="vyc-display text-xl text-ink">News mentions</h2><span class="text-[12px] text-ink-subtle font-mono tabular-nums">0</span></header><p class="text-[13px] text-ink-subtle italic">No linked articles in our index yet.</p></section></div><aside class="lg:col-span-4 space-y-6"><section class="border border-line bg-white p-4"><h3 class="text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3">Severity</h3><p class="text-[13px] text-ink-subtle italic">No CVSS score yet.</p></section><section class="border border-line bg-white p-4"><h3 class="text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3">EPSS</h3><div class="text-[11px] text-ink-subtle leading-relaxed mb-2">Probability of exploitation in the next 30 days.</div><div class="flex items-baseline gap-2"><span class="font-mono text-2xl tabular-nums text-ink">0.64</span><span class="text-[12px] text-ink-subtle">%</span></div><div class="mt-2 h-1.5 w-full bg-cream-dark/60"><div class="h-full bg-ink" style="width:0.64%"></div></div></section><section class="border border-line bg-white p-4"><h3 class="text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3">VYPR risk score</h3><p class="text-[11px] text-ink-subtle leading-relaxed -mt-2 mb-3">Composite of severity, exploitation, and reach.</p><div class="flex items-baseline justify-between gap-2"><span class="font-mono text-2xl tabular-nums text-ink">0.00</span><span class="text-[10px] uppercase tracking-[0.16em] font-bold text-emerald-900">low</span></div><div class="mt-2 h-1.5 w-full bg-cream-dark/60"><div class="h-full bg-emerald-500" style="width:0.05120000000000001%"></div></div><table class="w-full text-[12px] mt-3"><tbody><tr class="border-b border-line/60 last:border-b-0"><td class="py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]">cvss</td><td class="py-1 text-right tabular-nums font-mono text-ink">0.000</td></tr><tr class="border-b border-line/60 last:border-b-0"><td class="py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]">epss</td><td class="py-1 text-right tabular-nums font-mono text-ink">0.001</td></tr><tr class="border-b border-line/60 last:border-b-0"><td class="py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]">exploit</td><td class="py-1 text-right tabular-nums font-mono text-ink">0.000</td></tr><tr class="border-b border-line/60 last:border-b-0"><td class="py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]">kev</td><td class="py-1 text-right tabular-nums font-mono text-ink">0.000</td></tr><tr class="border-b border-line/60 last:border-b-0"><td class="py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]">patch</td><td class="py-1 text-right tabular-nums font-mono text-ink">0.000</td></tr><tr class="border-b border-line/60 last:border-b-0"><td class="py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]">ransomware</td><td class="py-1 text-right tabular-nums font-mono text-ink">0.000</td></tr></tbody></table></section><section class="border border-line bg-white p-4"><h3 class="text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3">Weaknesses</h3><p class="text-[13px] text-ink-subtle italic">No CWEs mapped.</p></section><section class="border border-line bg-white p-4"><h3 class="text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3">CVE ID</h3><code class="block font-mono text-[14px] text-ink font-semibold break-all">CVE-2022-1536</code></section></aside></div></article><!--$--><!--/$--></div></main><footer class="border-t border-line bg-cream-dark/40"><div class="max-w-[1400px] mx-auto px-4 lg:px-8 py-12"><div class="flex flex-col gap-10 lg:flex-row lg:justify-between"><div class="max-w-xs"><a aria-label="VYPR home" class="flex items-center gap-2" href="/"><img alt="VYPR" loading="lazy" width="28" height="28" decoding="async" data-nimg="1" style="color:transparent" src="/vypr-icon-light.svg"/><span class="text-lg font-semibold text-ink">VYPR</span></a><p class="mt-3 text-sm text-ink-subtle">Vulnerability intelligence — CVEs, exploitation, patches and supply-chain threats, continuously enriched.</p><div class="mt-5 flex items-center gap-4"><a href="https://www.linkedin.com/company/vyprai/posts/?feedView=all" aria-label="LinkedIn" target="_blank" rel="noopener noreferrer" class="text-ink-subtle hover:text-ink transition-colors"><svg width="18" height="18" viewBox="0 0 24 24" fill="currentColor" aria-hidden="true"><path d="M20.447 20.452h-3.554v-5.569c0-1.328-.027-3.037-1.852-3.037-1.853 0-2.136 1.445-2.136 2.939v5.667H9.351V9h3.414v1.561h.046c.477-.9 1.637-1.85 3.37-1.85 3.601 0 4.267 2.37 4.267 5.455v6.286zM5.337 7.433a2.062 2.062 0 01-2.063-2.065 2.064 2.064 0 112.063 2.065zm1.782 13.019H3.555V9h3.564v11.452zM22.225 0H1.771C.792 0 0 .774 0 1.729v20.542C0 23.227.792 24 1.771 24h20.451C23.2 24 24 23.227 24 22.271V1.729C24 .774 23.2 0 22.222 0h.003z"></path></svg></a></div></div><div class="grid grid-cols-2 gap-8 sm:grid-cols-3 lg:gap-16"><div><h3 class="text-xs font-semibold uppercase tracking-wide text-ink">Explore</h3><ul class="mt-3 space-y-2.5 text-sm"><li><a class="text-ink-subtle hover:text-ink transition-colors" href="/briefs">Briefs</a></li><li><a class="text-ink-subtle hover:text-ink transition-colors" href="/stories">Stories</a></li><li><a class="text-ink-subtle hover:text-ink transition-colors" href="/articles">Articles</a></li></ul></div><div><h3 class="text-xs font-semibold uppercase tracking-wide text-ink">Database</h3><ul class="mt-3 space-y-2.5 text-sm"><li><a class="text-ink-subtle hover:text-ink transition-colors" href="/cves">CVEs</a></li><li><a class="text-ink-subtle hover:text-ink transition-colors" href="/products">Products</a></li><li><a class="text-ink-subtle hover:text-ink transition-colors" href="/vendors">Vendors</a></li><li><a class="text-ink-subtle hover:text-ink transition-colors" href="/packages">Packages</a></li><li><a class="text-ink-subtle hover:text-ink transition-colors" href="/malware">Malware</a></li></ul></div><div><h3 class="text-xs font-semibold uppercase tracking-wide text-ink">Company</h3><ul class="mt-3 space-y-2.5 text-sm"><li><a href="https://vyprsec.ai" class="text-ink-subtle hover:text-ink transition-colors" target="_blank" rel="noopener noreferrer">vyprsec.ai</a></li><li><a href="https://vyprsec.ai/about" class="text-ink-subtle hover:text-ink transition-colors" target="_blank" rel="noopener noreferrer">About</a></li><li><a href="mailto:hello@vyprsec.ai" class="text-ink-subtle hover:text-ink transition-colors">Contact</a></li></ul></div></div></div><div class="mt-12 border-t border-line pt-6 flex flex-wrap items-center justify-between gap-4 text-xs text-ink-subtle"><span>© <!-- -->2026<!-- --> VYPR — vulnerability intelligence</span><span class="flex flex-wrap items-center gap-5"><a href="https://vyprsec.ai/en/privacy" target="_blank" rel="noopener noreferrer" class="hover:text-ink transition-colors">Privacy Policy</a><a href="https://vyprsec.ai/en/terms" target="_blank" rel="noopener noreferrer" class="hover:text-ink transition-colors">Terms</a><button type="button" class="underline-offset-2 hover:underline hover:text-ink transition-colors">Cookie settings</button></span></div></div></footer><script src="/_next/static/chunks/webpack-caa21fb8525f2992.js" id="_R_" async=""></script><script>(self.__next_f=self.__next_f||[]).push([0])</script><script>self.__next_f.push([1,"1:\"$Sreact.fragment\"\n2:I[3584,[\"229\",\"static/chunks/9da6db1e-c3ea6f83d7fa082a.js\",\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"937\",\"static/chunks/937-6b4ab712e8e6c861.js\",\"177\",\"static/chunks/app/layout-6a93b7436526966f.js\"],\"AuthProvider\"]\n3:I[8850,[\"229\",\"static/chunks/9da6db1e-c3ea6f83d7fa082a.js\",\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"937\",\"static/chunks/937-6b4ab712e8e6c861.js\",\"177\",\"static/chunks/app/layout-6a93b7436526966f.js\"],\"Header\"]\n4:I[9766,[],\"\"]\n5:I[960,[\"39\",\"static/chunks/app/error-970508f6402c5ae0.js\"],\"default\"]\n6:I[8924,[],\"\"]\n7:I[2619,[\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"516\",\"static/chunks/app/cves/%5Bid%5D/page-303c122bf639e11a.js\"],\"\"]\n8:I[1356,[\"229\",\"static/chunks/9da6db1e-c3ea6f83d7fa082a.js\",\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"937\",\"static/chunks/937-6b4ab712e8e6c861.js\",\"177\",\"static/chunks/app/layout-6a93b7436526966f.js\"],\"Image\"]\n15:I[7150,[],\"\"]\n16:I[5423,[\"229\",\"static/chunks/9da6db1e-c3ea6f83d7fa082a.js\",\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"937\",\"static/chunks/937-6b4ab712e8e6c861.js\",\"177\",\"static/chunks/app/layout-6a93b7436526966f.js\"],\"CookieSettingsButton\"]\n17:I[5423,[\"229\",\"static/chunks/9da6db1e-c3ea6f83d7fa082a.js\",\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"937\",\"static/chunks/937-6b4ab712e8e6c861.js\",\"177\",\"static/chunks/app/layout-6a93b7436526966f.js\"],\"CookieConsent\"]\n18:I[2269,[\"229\",\"static/chunks/9da6db1e-c3ea6f83d7fa082a.js\",\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"937\",\"static/chunks/937-6b4ab712e8e6c861.js\",\"177\",\"static/chunks/app/layout-6a93b7436526966f.js\"],\"NewsletterNudge\"]\n19:I[3195,[\"229\",\"static/chunks/9da6db1e-c3ea6f83d7fa082a.js\",\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"937\",\"static/chunks/937-6b4ab712e8e6c861.js\",\"177\",\"static/chunks/app/layout-6a93b7436526966f.js\"],\"Analytics\"]\n1a:I[3195,[\"229\",\"static/chunks/9da6db1e-c3ea6f83d7fa082a.js\",\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"937\",\"static/chunks/937-6b4ab712e8e6c861.js\",\"177\",\"static/chunks/app/layout-6a93b7436526966f.js\"],\"PostHogAna"])</script><script>self.__next_f.push([1,"lytics\"]\n1c:I[4431,[],\"OutletBoundary\"]\n1e:I[5278,[],\"AsyncMetadataOutlet\"]\n20:I[4431,[],\"ViewportBoundary\"]\n22:I[4431,[],\"MetadataBoundary\"]\n23:\"$Sreact.suspense\"\n:HL[\"/_next/static/media/0b78ff376f6b9734-s.p.woff2\",\"font\",{\"crossOrigin\":\"\",\"type\":\"font/woff2\"}]\n:HL[\"/_next/static/media/723e11e5093b8e80.p.woff2\",\"font\",{\"crossOrigin\":\"\",\"type\":\"font/woff2\"}]\n:HL[\"/_next/static/css/56e74697ed07a30d.css\",\"style\"]\n"])</script><script>self.__next_f.push([1,"0:{\"P\":null,\"b\":\"MS_U--YkGev2mXE8fmAtX\",\"p\":\"\",\"c\":[\"\",\"cves\",\"CVE-2022-1536\"],\"i\":false,\"f\":[[[\"\",{\"children\":[\"cves\",{\"children\":[[\"id\",\"CVE-2022-1536\",\"d\"],{\"children\":[\"__PAGE__\",{}]}]}]},\"$undefined\",\"$undefined\",true],[\"\",[\"$\",\"$1\",\"c\",{\"children\":[[[\"$\",\"link\",\"0\",{\"rel\":\"stylesheet\",\"href\":\"/_next/static/css/56e74697ed07a30d.css\",\"precedence\":\"next\",\"crossOrigin\":\"$undefined\",\"nonce\":\"$undefined\"}]],[\"$\",\"html\",null,{\"lang\":\"en\",\"className\":\"__variable_8adcd2 __variable_46451f\",\"children\":[[\"$\",\"head\",null,{\"children\":null}],[\"$\",\"body\",null,{\"className\":\"min-h-screen flex flex-col font-sans\",\"children\":[\"$\",\"$L2\",null,{\"children\":[[\"$\",\"$L3\",null,{}],[\"$\",\"main\",null,{\"className\":\"flex-1\",\"children\":[\"$\",\"div\",null,{\"className\":\"max-w-[1400px] mx-auto px-4 lg:px-8 py-8\",\"children\":[\"$\",\"$L4\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$5\",\"errorStyles\":[],\"errorScripts\":[],\"template\":[\"$\",\"$L6\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":[[\"$\",\"div\",null,{\"className\":\"text-center py-16\",\"children\":[[\"$\",\"h1\",null,{\"className\":\"text-3xl font-semibold mb-2\",\"children\":\"Not found\"}],[\"$\",\"p\",null,{\"className\":\"text-gray-600 mb-6\",\"children\":\"That CVE, company, product, or CWE isn't in our database.\"}],[\"$\",\"$L7\",null,{\"href\":\"/\",\"className\":\"text-blue-700 hover:underline\",\"children\":\"Back to dashboard\"}]]}],[]],\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]}]}],[\"$\",\"footer\",null,{\"className\":\"border-t border-line bg-cream-dark/40\",\"children\":[\"$\",\"div\",null,{\"className\":\"max-w-[1400px] mx-auto px-4 lg:px-8 py-12\",\"children\":[[\"$\",\"div\",null,{\"className\":\"flex flex-col gap-10 lg:flex-row lg:justify-between\",\"children\":[[\"$\",\"div\",null,{\"className\":\"max-w-xs\",\"children\":[[\"$\",\"$L7\",null,{\"href\":\"/\",\"aria-label\":\"VYPR home\",\"className\":\"flex items-center gap-2\",\"children\":[[\"$\",\"$L8\",null,{\"src\":\"/vypr-icon-light.svg\",\"alt\":\"VYPR\",\"width\":28,\"height\":28}],[\"$\",\"span\",null,{\"className\":\"text-lg font-semibold text-ink\",\"children\":\"VYPR\"}]]}],[\"$\",\"p\",null,{\"className\":\"mt-3 text-sm text-ink-subtle\",\"children\":\"Vulnerability intelligence — CVEs, exploitation, patches and supply-chain threats, continuously enriched.\"}],[\"$\",\"div\",null,{\"className\":\"mt-5 flex items-center gap-4\",\"children\":[[\"$\",\"a\",\"LinkedIn\",{\"href\":\"https://www.linkedin.com/company/vyprai/posts/?feedView=all\",\"aria-label\":\"LinkedIn\",\"target\":\"_blank\",\"rel\":\"noopener noreferrer\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":[\"$\",\"svg\",null,{\"width\":\"18\",\"height\":\"18\",\"viewBox\":\"0 0 24 24\",\"fill\":\"currentColor\",\"aria-hidden\":true,\"children\":[\"$\",\"path\",null,{\"d\":\"M20.447 20.452h-3.554v-5.569c0-1.328-.027-3.037-1.852-3.037-1.853 0-2.136 1.445-2.136 2.939v5.667H9.351V9h3.414v1.561h.046c.477-.9 1.637-1.85 3.37-1.85 3.601 0 4.267 2.37 4.267 5.455v6.286zM5.337 7.433a2.062 2.062 0 01-2.063-2.065 2.064 2.064 0 112.063 2.065zm1.782 13.019H3.555V9h3.564v11.452zM22.225 0H1.771C.792 0 0 .774 0 1.729v20.542C0 23.227.792 24 1.771 24h20.451C23.2 24 24 23.227 24 22.271V1.729C24 .774 23.2 0 22.222 0h.003z\"}]}]}]]}]]}],[\"$\",\"div\",null,{\"className\":\"grid grid-cols-2 gap-8 sm:grid-cols-3 lg:gap-16\",\"children\":[[\"$\",\"div\",\"Explore\",{\"children\":[[\"$\",\"h3\",null,{\"className\":\"text-xs font-semibold uppercase tracking-wide text-ink\",\"children\":\"Explore\"}],[\"$\",\"ul\",null,{\"className\":\"mt-3 space-y-2.5 text-sm\",\"children\":[[\"$\",\"li\",\"Briefs\",{\"children\":[\"$\",\"$L7\",null,{\"href\":\"/briefs\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"Briefs\"}]}],[\"$\",\"li\",\"Stories\",{\"children\":[\"$\",\"$L7\",null,{\"href\":\"/stories\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"Stories\"}]}],[\"$\",\"li\",\"Articles\",{\"children\":[\"$\",\"$L7\",null,{\"href\":\"/articles\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"Articles\"}]}]]}]]}],[\"$\",\"div\",\"Database\",{\"children\":[[\"$\",\"h3\",null,{\"className\":\"text-xs font-semibold uppercase tracking-wide text-ink\",\"children\":\"Database\"}],[\"$\",\"ul\",null,{\"className\":\"mt-3 space-y-2.5 text-sm\",\"children\":[[\"$\",\"li\",\"CVEs\",{\"children\":[\"$\",\"$L7\",null,{\"href\":\"/cves\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"CVEs\"}]}],[\"$\",\"li\",\"Products\",{\"children\":[\"$\",\"$L7\",null,{\"href\":\"/products\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"Products\"}]}],[\"$\",\"li\",\"Vendors\",{\"children\":[\"$\",\"$L7\",null,{\"href\":\"/vendors\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"Vendors\"}]}],\"$L9\",\"$La\"]}]]}],\"$Lb\"]}]]}],\"$Lc\"]}]}],\"$Ld\",\"$Le\",\"$Lf\",\"$L10\"]}]}]]}]]}],{\"children\":[\"cves\",\"$L11\",{\"children\":[[\"id\",\"CVE-2022-1536\",\"d\"],\"$L12\",{\"children\":[\"__PAGE__\",\"$L13\",{},null,false]},null,false]},null,false]},null,false],\"$L14\",false]],\"m\":\"$undefined\",\"G\":[\"$15\",[]],\"s\":false,\"S\":false}\n"])</script><script>self.__next_f.push([1,"9:[\"$\",\"li\",\"Packages\",{\"children\":[\"$\",\"$L7\",null,{\"href\":\"/packages\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"Packages\"}]}]\na:[\"$\",\"li\",\"Malware\",{\"children\":[\"$\",\"$L7\",null,{\"href\":\"/malware\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"Malware\"}]}]\n"])</script><script>self.__next_f.push([1,"b:[\"$\",\"div\",\"Company\",{\"children\":[[\"$\",\"h3\",null,{\"className\":\"text-xs font-semibold uppercase tracking-wide text-ink\",\"children\":\"Company\"}],[\"$\",\"ul\",null,{\"className\":\"mt-3 space-y-2.5 text-sm\",\"children\":[[\"$\",\"li\",\"vyprsec.ai\",{\"children\":[\"$\",\"a\",null,{\"href\":\"https://vyprsec.ai\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"target\":\"_blank\",\"rel\":\"noopener noreferrer\",\"children\":\"vyprsec.ai\"}]}],[\"$\",\"li\",\"About\",{\"children\":[\"$\",\"a\",null,{\"href\":\"https://vyprsec.ai/about\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"target\":\"_blank\",\"rel\":\"noopener noreferrer\",\"children\":\"About\"}]}],[\"$\",\"li\",\"Contact\",{\"children\":[\"$\",\"a\",null,{\"href\":\"mailto:hello@vyprsec.ai\",\"className\":\"text-ink-subtle hover:text-ink transition-colors\",\"children\":\"Contact\"}]}]]}]]}]\n"])</script><script>self.__next_f.push([1,"c:[\"$\",\"div\",null,{\"className\":\"mt-12 border-t border-line pt-6 flex flex-wrap items-center justify-between gap-4 text-xs text-ink-subtle\",\"children\":[[\"$\",\"span\",null,{\"children\":[\"© \",2026,\" VYPR — vulnerability intelligence\"]}],[\"$\",\"span\",null,{\"className\":\"flex flex-wrap items-center gap-5\",\"children\":[[\"$\",\"a\",null,{\"href\":\"https://vyprsec.ai/en/privacy\",\"target\":\"_blank\",\"rel\":\"noopener noreferrer\",\"className\":\"hover:text-ink transition-colors\",\"children\":\"Privacy Policy\"}],[\"$\",\"a\",null,{\"href\":\"https://vyprsec.ai/en/terms\",\"target\":\"_blank\",\"rel\":\"noopener noreferrer\",\"className\":\"hover:text-ink transition-colors\",\"children\":\"Terms\"}],[\"$\",\"$L16\",null,{}]]}]]}]\nd:[\"$\",\"$L17\",null,{}]\ne:[\"$\",\"$L18\",null,{}]\nf:[\"$\",\"$L19\",null,{}]\n10:[\"$\",\"$L1a\",null,{}]\n11:[\"$\",\"$1\",\"c\",{\"children\":[null,[\"$\",\"$L4\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$undefined\",\"errorStyles\":\"$undefined\",\"errorScripts\":\"$undefined\",\"template\":[\"$\",\"$L6\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":\"$undefined\",\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]]}]\n12:[\"$\",\"$1\",\"c\",{\"children\":[null,[\"$\",\"$L4\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$undefined\",\"errorStyles\":\"$undefined\",\"errorScripts\":\"$undefined\",\"template\":[\"$\",\"$L6\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":\"$undefined\",\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]]}]\n13:[\"$\",\"$1\",\"c\",{\"children\":[\"$L1b\",null,[\"$\",\"$L1c\",null,{\"children\":[\"$L1d\",[\"$\",\"$L1e\",null,{\"promise\":\"$@1f\"}]]}]]}]\n14:[\"$\",\"$1\",\"h\",{\"children\":[null,[[\"$\",\"$L20\",null,{\"children\":\"$L21\"}],[\"$\",\"meta\",null,{\"name\":\"next-size-adjust\",\"content\":\"\"}]],[\"$\",\"$L22\",null,{\"children\":[\"$\",\"div\",null,{\"hidden\":true,\"children\":[\"$\",\"$23\",null,{\"fallback\":null,\"children\":\"$L24\"}]}]}]]}]\n21:[[\"$\",\"meta\",\"0\",{\"charSet\":\"utf-8\"}],[\"$\",\"meta\",\"1\",{\"name\":\"viewport\",\"content\":\"width=device-width, initial-scale=1\"}]]\n1d:null\n"])</script><script>self.__next_f.push([1,"25:Taae,"])</script><script>self.__next_f.push([1,"{\"@context\":\"https://schema.org\",\"@graph\":[{\"@type\":\"TechArticle\",\"@id\":\"https://portal.vyprsec.ai/cves/CVE-2022-1536\",\"url\":\"https://portal.vyprsec.ai/cves/CVE-2022-1536\",\"headline\":\"CVE-2022-1536 — Vulnerability\",\"description\":\"A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home\u003c/title\u003e\u003cscript\u003ealert(\\\"home\\\")\u003c/script\u003e\u003ctitle\u003e leads to a cross site scripting. The attack can \",\"datePublished\":\"2022-04-29T13:10:12Z\",\"dateModified\":\"2025-04-15T14:40:54.853Z\",\"publisher\":{\"@type\":\"Organization\",\"@id\":\"https://portal.vyprsec.ai#publisher\",\"name\":\"VYPR\",\"url\":\"https://portal.vyprsec.ai\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https://portal.vyprsec.ai/icon.svg\",\"width\":64,\"height\":64},\"description\":\"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights.\"},\"author\":{\"@type\":\"Organization\",\"@id\":\"https://portal.vyprsec.ai#publisher\",\"name\":\"VYPR\",\"url\":\"https://portal.vyprsec.ai\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https://portal.vyprsec.ai/icon.svg\",\"width\":64,\"height\":64},\"description\":\"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights.\"},\"proficiencyLevel\":\"Expert\",\"about\":{\"@type\":\"Thing\",\"@id\":\"https://nvd.nist.gov/vuln/detail/CVE-2022-1536\",\"name\":\"CVE-2022-1536\",\"identifier\":\"CVE-2022-1536\",\"description\":\"A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home\u003c/title\u003e\u003cscript\u003ealert(\\\"home\\\")\u003c/script\u003e\u003ctitle\u003e leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used.\",\"additionalType\":\"https://schema.org/SoftwareApplication\",\"sameAs\":[\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1536\"]},\"keywords\":\"CVE-2022-1536, Automad Automad, unspecified automad\",\"mentions\":[{\"@type\":\"SoftwareApplication\",\"name\":\"Automad\",\"applicationCategory\":\"SecurityApplication\",\"publisher\":{\"@type\":\"Organization\",\"name\":\"Automad\"}},{\"@type\":\"SoftwareApplication\",\"name\":\"automad\",\"applicationCategory\":\"SecurityApplication\",\"publisher\":{\"@type\":\"Organization\",\"name\":\"unspecified\"}}],\"isAccessibleForFree\":true},{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://portal.vyprsec.ai/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVEs\",\"item\":\"https://portal.vyprsec.ai/cves\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CVE-2022-1536\",\"item\":\"https://portal.vyprsec.ai/cves/CVE-2022-1536\"}]}]}"])</script><script>self.__next_f.push([1,"1b:[\"$\",\"article\",null,{\"className\":\"space-y-8\",\"children\":[[\"$\",\"script\",null,{\"type\":\"application/ld+json\",\"dangerouslySetInnerHTML\":{\"__html\":\"$25\"}}],[\"$\",\"div\",null,{\"className\":\"text-[12px] text-ink-subtle\",\"children\":[\"$\",\"$L7\",null,{\"href\":\"/cves\",\"className\":\"hover:text-ink underline decoration-ink/30 underline-offset-2\",\"children\":\"← All advisories\"}]}],[\"$\",\"header\",null,{\"className\":\"space-y-4 border-b border-line pb-6\",\"children\":[[\"$\",\"div\",null,{\"className\":\"flex items-center gap-2 flex-wrap\",\"children\":[[\"$\",\"span\",null,{\"className\":\"inline-flex items-center gap-2 text-[11px] uppercase tracking-[0.14em] font-bold border px-2.5 py-1 bg-cream-dark/40 text-ink-subtle border-line\",\"children\":[\"Unrated\",\" severity\",false]}],false,\"$L26\",\"$L27\",\"$L28\",\"$undefined\",false]}],\"$L29\",\"$undefined\",false,\"$L2a\"]}],\"$L2b\"]}]\n"])</script><script>self.__next_f.push([1,"2c:I[9727,[\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"516\",\"static/chunks/app/cves/%5Bid%5D/page-303c122bf639e11a.js\"],\"InsightPanel\"]\n2d:I[851,[\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"516\",\"static/chunks/app/cves/%5Bid%5D/page-303c122bf639e11a.js\"],\"PatchesPanel\"]\n26:[\"$\",\"span\",null,{\"className\":\"text-[10px] uppercase tracking-[0.18em] font-mono font-semibold text-ink-subtle ml-1\",\"children\":\"NVD Advisory\"}]\n27:[\"$\",\"span\",null,{\"className\":\"text-[10px] uppercase tracking-[0.16em] text-ink-subtle font-mono\",\"children\":[\"· Published \",\"Apr 29, 2022\"]}]\n28:[\"$\",\"span\",null,{\"className\":\"text-[10px] uppercase tracking-[0.16em] text-ink-subtle font-mono\",\"children\":[\"· Updated \",\"Apr 15, 2025\"]}]\n29:[\"$\",\"h1\",null,{\"className\":\"vyc-display text-3xl sm:text-4xl text-ink leading-[1.15] max-w-4xl\",\"children\":\"automad Dashboard cross site scripting\"}]\n2a:[\"$\",\"div\",null,{\"className\":\"flex items-center gap-3 flex-wrap text-[12px] text-ink-subtle font-mono\",\"children\":[[\"$\",\"span\",null,{\"className\":\"text-ink font-semibold\",\"children\":\"CVE-2022-1536\"}],[]]}]\n"])</script><script>self.__next_f.push([1,"2b:[\"$\",\"div\",null,{\"className\":\"grid grid-cols-1 lg:grid-cols-12 gap-10\",\"children\":[[\"$\",\"div\",null,{\"className\":\"lg:col-span-8 space-y-10\",\"children\":[[\"$\",\"section\",null,{\"children\":[[\"$\",\"header\",null,{\"className\":\"mb-4 flex items-baseline gap-3\",\"children\":[[\"$\",\"h2\",null,{\"className\":\"vyc-display text-xl text-ink\",\"children\":\"Description\"}],false]}],\"$undefined\",[[\"$\",\"div\",null,{\"className\":\"space-y-4 text-[15px] leading-[1.7] text-ink\",\"children\":[[\"$\",\"p\",\"0\",{\"className\":\"text-ink-muted leading-relaxed\",\"children\":[[\"$\",\"$1\",\"0\",{\"children\":\"A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used.\"}]]}]]}],\"$undefined\"]]}],[\"$\",\"section\",null,{\"children\":[[\"$\",\"header\",null,{\"className\":\"mb-4 flex items-baseline gap-3\",\"children\":[[\"$\",\"h2\",null,{\"className\":\"vyc-display text-xl text-ink\",\"children\":\"AI Insight\"}],false]}],[\"$\",\"p\",null,{\"className\":\"text-[12px] text-ink-subtle -mt-2 mb-4 leading-relaxed\",\"children\":\"LLM-synthesized narrative grounded in this CVE's description and references.\"}],[\"$\",\"$L2c\",null,{\"cveId\":\"CVE-2022-1536\"}]]}],\"$undefined\",[\"$\",\"section\",null,{\"children\":[[\"$\",\"header\",null,{\"className\":\"mb-4 flex items-baseline gap-3\",\"children\":[[\"$\",\"h2\",null,{\"className\":\"vyc-display text-xl text-ink\",\"children\":\"Affected products\"}],[\"$\",\"span\",null,{\"className\":\"text-[12px] text-ink-subtle font-mono tabular-nums\",\"children\":2}]]}],\"$undefined\",[\"$\",\"ul\",null,{\"className\":\"divide-y divide-line border-y border-line\",\"children\":[[\"$\",\"li\",\"p:29394\",{\"className\":\"py-2 flex items-start justify-between gap-4\",\"children\":[[\"$\",\"div\",null,{\"className\":\"min-w-0 flex-1\",\"children\":[[\"$\",\"div\",null,{\"className\":\"flex flex-wrap items-baseline gap-x-2 gap-y-1 text-[14px]\",\"children\":[[\"$\",\"$L7\",null,{\"href\":\"/vendors/automad\",\"className\":\"font-medium text-ink underline decoration-ink/30 underline-offset-2 hover:decoration-ink\",\"children\":\"Automad\"}],[[\"$\",\"span\",null,{\"className\":\"text-ink-subtle\",\"children\":\"/\"}],[\"$\",\"$L7\",null,{\"href\":\"/products/29394\",\"className\":\"font-medium text-ink underline decoration-ink/30 underline-offset-2 hover:decoration-ink\",\"children\":\"Automad\"}]],[\"$\",\"span\",null,{\"title\":\"source: llm-fuzzy\",\"className\":\"text-[10px] uppercase tracking-[0.14em] font-semibold text-ink-subtle border border-line px-1.5 py-0.5\",\"children\":\"llm-fuzzy\"}],false]}],null,[\"$undefined\",[\"$\",\"div\",null,{\"className\":\"text-[12px] text-ink-muted mt-0.5\",\"children\":[[\"$\",\"span\",null,{\"className\":\"text-ink-subtle\",\"children\":\"Range:\"}],\" \",[\"$\",\"span\",null,{\"className\":\"font-mono\",\"children\":\"\u003c=1.10.9\"}]]}]],false,\"$undefined\",\"$undefined\"]}],false]}],[\"$\",\"li\",\"u:unspecified/automad\",{\"className\":\"py-2 flex items-start justify-between gap-4\",\"children\":[[\"$\",\"div\",null,{\"className\":\"min-w-0 flex-1\",\"children\":[[\"$\",\"div\",null,{\"className\":\"flex flex-wrap items-baseline gap-x-2 gap-y-1 text-[14px]\",\"children\":[\"$undefined\",[[\"$\",\"span\",null,{\"className\":\"font-medium text-ink-muted\",\"title\":\"Vendor name from advisory; not yet mapped to a canonical company\",\"children\":\"unspecified\"}],[\"$\",\"span\",null,{\"className\":\"text-ink-subtle\",\"children\":\"/\"}],[\"$\",\"span\",null,{\"className\":\"font-medium text-ink-muted\",\"title\":\"Product name from advisory; not yet mapped to a canonical product\",\"children\":\"automad\"}]],[\"$\",\"span\",null,{\"title\":\"source: v5\",\"className\":\"text-[10px] uppercase tracking-[0.14em] font-semibold text-ink-subtle border border-line px-1.5 py-0.5\",\"children\":\"v5\"}],false]}],null,[\"$undefined\",[\"$\",\"div\",null,{\"className\":\"text-[12px] text-ink-muted mt-0.5\",\"children\":[[\"$\",\"span\",null,{\"className\":\"text-ink-subtle\",\"children\":\"Range:\"}],\" \",[\"$\",\"span\",null,{\"className\":\"font-mono\",\"children\":\"1.10.0\"}]]}]],false,\"$undefined\",\"$undefined\"]}],\"$undefined\"]}]]}]]}],[\"$\",\"section\",null,{\"children\":[[\"$\",\"header\",null,{\"className\":\"mb-4 flex items-baseline gap-3\",\"children\":[[\"$\",\"h2\",null,{\"className\":\"vyc-display text-xl text-ink\",\"children\":\"Patches\"}],false]}],\"$undefined\",[\"$\",\"$L2d\",null,{\"cveId\":\"CVE-2022-1536\",\"pluginStatus\":\"$undefined\"}]]}],[\"$\",\"section\",null,{\"children\":[[\"$\",\"header\",null,{\"className\":\"mb-4 flex items-baseline gap-3\",\"children\":[\"$L2e\",false]}],\"$undefined\",\"$L2f\"]}],\"$L30\",\"$L31\"]}],\"$L32\"]}]\n"])</script><script>self.__next_f.push([1,"33:I[9649,[\"619\",\"static/chunks/619-ba102abea3e3d0e4.js\",\"516\",\"static/chunks/app/cves/%5Bid%5D/page-303c122bf639e11a.js\"],\"MechanicsPanel\"]\n2e:[\"$\",\"h2\",null,{\"className\":\"vyc-display text-xl text-ink\",\"children\":\"Vulnerability mechanics\"}]\n2f:[\"$\",\"$L33\",null,{\"cveId\":\"CVE-2022-1536\"}]\n"])</script><script>self.__next_f.push([1,"30:[\"$\",\"section\",null,{\"children\":[[\"$\",\"header\",null,{\"className\":\"mb-4 flex items-baseline gap-3\",\"children\":[[\"$\",\"h2\",null,{\"className\":\"vyc-display text-xl text-ink\",\"children\":\"References\"}],[\"$\",\"span\",null,{\"className\":\"text-[12px] text-ink-subtle font-mono tabular-nums\",\"children\":2}]]}],\"$undefined\",[\"$\",\"ul\",null,{\"className\":\"divide-y divide-line border-y border-line\",\"children\":[[\"$\",\"li\",\"0\",{\"className\":\"py-2 leading-snug flex flex-wrap items-baseline gap-x-2 gap-y-0.5\",\"children\":[[\"$\",\"a\",null,{\"href\":\"https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting%28XSS%29.md\",\"target\":\"_blank\",\"rel\":\"noreferrer\",\"className\":\"text-[14px] text-ink underline decoration-ink/30 underline-offset-2 hover:decoration-ink break-all\",\"children\":\"github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting%28XSS%29.md\"}],[\"$\",\"span\",null,{\"className\":\"flex flex-wrap items-center gap-1.5 text-[10px] uppercase tracking-[0.12em] text-ink-subtle font-mono\",\"children\":[[\"$\",\"span\",null,{\"children\":\"mitre\"}],[[\"$\",\"span\",\"0\",{\"className\":\"border border-line px-1 py-px\",\"children\":\"x_refsource_MISC\"}]]]}]]}],[\"$\",\"li\",\"1\",{\"className\":\"py-2 leading-snug flex flex-wrap items-baseline gap-x-2 gap-y-0.5\",\"children\":[[\"$\",\"a\",null,{\"href\":\"https://vuldb.com/?id.198706\",\"target\":\"_blank\",\"rel\":\"noreferrer\",\"className\":\"text-[14px] text-ink underline decoration-ink/30 underline-offset-2 hover:decoration-ink break-all\",\"children\":\"vuldb.com\"}],[\"$\",\"span\",null,{\"className\":\"flex flex-wrap items-center gap-1.5 text-[10px] uppercase tracking-[0.12em] text-ink-subtle font-mono\",\"children\":[[\"$\",\"span\",null,{\"children\":\"mitre\"}],[[\"$\",\"span\",\"0\",{\"className\":\"border border-line px-1 py-px\",\"children\":\"x_refsource_MISC\"}]]]}]]}]]}]]}]\n"])</script><script>self.__next_f.push([1,"31:[\"$\",\"section\",null,{\"children\":[[\"$\",\"header\",null,{\"className\":\"mb-4 flex items-baseline gap-3\",\"children\":[[\"$\",\"h2\",null,{\"className\":\"vyc-display text-xl text-ink\",\"children\":\"News mentions\"}],[\"$\",\"span\",null,{\"className\":\"text-[12px] text-ink-subtle font-mono tabular-nums\",\"children\":0}]]}],\"$undefined\",[\"$\",\"p\",null,{\"className\":\"text-[13px] text-ink-subtle italic\",\"children\":\"No linked articles in our index yet.\"}]]}]\n"])</script><script>self.__next_f.push([1,"32:[\"$\",\"aside\",null,{\"className\":\"lg:col-span-4 space-y-6\",\"children\":[[\"$\",\"section\",null,{\"className\":\"border border-line bg-white p-4\",\"children\":[[\"$\",\"h3\",null,{\"className\":\"text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3\",\"children\":\"Severity\"}],\"$undefined\",[\"$\",\"p\",null,{\"className\":\"text-[13px] text-ink-subtle italic\",\"children\":\"No CVSS score yet.\"}]]}],\"$undefined\",[\"$\",\"section\",null,{\"className\":\"border border-line bg-white p-4\",\"children\":[[\"$\",\"h3\",null,{\"className\":\"text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3\",\"children\":\"EPSS\"}],\"$undefined\",[[\"$\",\"div\",null,{\"className\":\"text-[11px] text-ink-subtle leading-relaxed mb-2\",\"children\":\"Probability of exploitation in the next 30 days.\"}],[\"$\",\"div\",null,{\"className\":\"flex items-baseline gap-2\",\"children\":[[\"$\",\"span\",null,{\"className\":\"font-mono text-2xl tabular-nums text-ink\",\"children\":\"0.64\"}],[\"$\",\"span\",null,{\"className\":\"text-[12px] text-ink-subtle\",\"children\":\"%\"}]]}],[\"$\",\"div\",null,{\"className\":\"mt-2 h-1.5 w-full bg-cream-dark/60\",\"children\":[\"$\",\"div\",null,{\"className\":\"h-full bg-ink\",\"style\":{\"width\":\"0.64%\"}}]}]]]}],[\"$\",\"section\",null,{\"className\":\"border border-line bg-white p-4\",\"children\":[[\"$\",\"h3\",null,{\"className\":\"text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3\",\"children\":\"VYPR risk score\"}],[\"$\",\"p\",null,{\"className\":\"text-[11px] text-ink-subtle leading-relaxed -mt-2 mb-3\",\"children\":\"Composite of severity, exploitation, and reach.\"}],[[\"$\",\"div\",null,{\"className\":\"flex items-baseline justify-between gap-2\",\"children\":[[\"$\",\"span\",null,{\"className\":\"font-mono text-2xl tabular-nums text-ink\",\"children\":\"0.00\"}],[\"$\",\"span\",null,{\"className\":\"text-[10px] uppercase tracking-[0.16em] font-bold text-emerald-900\",\"children\":\"low\"}]]}],[\"$\",\"div\",null,{\"className\":\"mt-2 h-1.5 w-full bg-cream-dark/60\",\"children\":[\"$\",\"div\",null,{\"className\":\"h-full bg-emerald-500\",\"style\":{\"width\":\"0.05120000000000001%\"}}]}],[\"$\",\"table\",null,{\"className\":\"w-full text-[12px] mt-3\",\"children\":[\"$\",\"tbody\",null,{\"children\":[[\"$\",\"tr\",\"cvss\",{\"className\":\"border-b border-line/60 last:border-b-0\",\"children\":[[\"$\",\"td\",null,{\"className\":\"py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]\",\"children\":\"cvss\"}],[\"$\",\"td\",null,{\"className\":\"py-1 text-right tabular-nums font-mono text-ink\",\"children\":\"0.000\"}]]}],[\"$\",\"tr\",\"epss\",{\"className\":\"border-b border-line/60 last:border-b-0\",\"children\":[[\"$\",\"td\",null,{\"className\":\"py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]\",\"children\":\"epss\"}],[\"$\",\"td\",null,{\"className\":\"py-1 text-right tabular-nums font-mono text-ink\",\"children\":\"0.001\"}]]}],[\"$\",\"tr\",\"exploit\",{\"className\":\"border-b border-line/60 last:border-b-0\",\"children\":[[\"$\",\"td\",null,{\"className\":\"py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]\",\"children\":\"exploit\"}],[\"$\",\"td\",null,{\"className\":\"py-1 text-right tabular-nums font-mono text-ink\",\"children\":\"0.000\"}]]}],[\"$\",\"tr\",\"kev\",{\"className\":\"border-b border-line/60 last:border-b-0\",\"children\":[[\"$\",\"td\",null,{\"className\":\"py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]\",\"children\":\"kev\"}],[\"$\",\"td\",null,{\"className\":\"py-1 text-right tabular-nums font-mono text-ink\",\"children\":\"0.000\"}]]}],[\"$\",\"tr\",\"patch\",{\"className\":\"border-b border-line/60 last:border-b-0\",\"children\":[[\"$\",\"td\",null,{\"className\":\"py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]\",\"children\":\"patch\"}],[\"$\",\"td\",null,{\"className\":\"py-1 text-right tabular-nums font-mono text-ink\",\"children\":\"0.000\"}]]}],[\"$\",\"tr\",\"ransomware\",{\"className\":\"border-b border-line/60 last:border-b-0\",\"children\":[[\"$\",\"td\",null,{\"className\":\"py-1 pr-2 text-ink-subtle uppercase tracking-[0.08em] text-[10px]\",\"children\":\"ransomware\"}],[\"$\",\"td\",null,{\"className\":\"py-1 text-right tabular-nums font-mono text-ink\",\"children\":\"0.000\"}]]}]]}]}]]]}],[\"$\",\"section\",null,{\"className\":\"border border-line bg-white p-4\",\"children\":[[\"$\",\"h3\",null,{\"className\":\"text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3\",\"children\":\"Weaknesses\"}],\"$undefined\",[\"$\",\"p\",null,{\"className\":\"text-[13px] text-ink-subtle italic\",\"children\":\"No CWEs mapped.\"}]]}],\"$L34\",\"$undefined\"]}]\n"])</script><script>self.__next_f.push([1,"35:I[622,[],\"IconMark\"]\n34:[\"$\",\"section\",null,{\"className\":\"border border-line bg-white p-4\",\"children\":[[\"$\",\"h3\",null,{\"className\":\"text-[11px] uppercase tracking-[0.16em] font-semibold text-ink mb-3\",\"children\":\"CVE ID\"}],\"$undefined\",[\"$\",\"code\",null,{\"className\":\"block font-mono text-[14px] text-ink font-semibold break-all\",\"children\":\"CVE-2022-1536\"}]]}]\n"])</script><script>self.__next_f.push([1,"1f:{\"metadata\":[[\"$\",\"title\",\"0\",{\"children\":\"CVE-2022-1536 · VYPR\"}],[\"$\",\"meta\",\"1\",{\"name\":\"description\",\"content\":\"A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home\u003c/title\u003e\u003cscript\u003ealert(\\\"home\\\")\u003c/script\u003e\u003ctitle\u003e leads…\"}],[\"$\",\"meta\",\"2\",{\"name\":\"application-name\",\"content\":\"VYPR\"}],[\"$\",\"meta\",\"3\",{\"name\":\"keywords\",\"content\":\"CVE,vulnerability,security,KEV,exploit,CVSS,EPSS,advisory\"}],[\"$\",\"meta\",\"4\",{\"name\":\"robots\",\"content\":\"index, follow\"}],[\"$\",\"link\",\"5\",{\"rel\":\"canonical\",\"href\":\"https://portal.vyprsec.ai/cves/CVE-2022-1536\"}],[\"$\",\"meta\",\"6\",{\"property\":\"og:title\",\"content\":\"CVE-2022-1536\"}],[\"$\",\"meta\",\"7\",{\"property\":\"og:description\",\"content\":\"A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home\u003c/title\u003e\u003cscript\u003ealert(\\\"home\\\")\u003c/script\u003e\u003ctitle\u003e leads…\"}],[\"$\",\"meta\",\"8\",{\"property\":\"og:url\",\"content\":\"https://portal.vyprsec.ai/cves/CVE-2022-1536\"}],[\"$\",\"meta\",\"9\",{\"property\":\"og:type\",\"content\":\"article\"}],[\"$\",\"meta\",\"10\",{\"property\":\"article:published_time\",\"content\":\"2022-04-29T13:10:12Z\"}],[\"$\",\"meta\",\"11\",{\"property\":\"article:modified_time\",\"content\":\"2025-04-15T14:40:54.853Z\"}],[\"$\",\"meta\",\"12\",{\"name\":\"twitter:card\",\"content\":\"summary_large_image\"}],[\"$\",\"meta\",\"13\",{\"name\":\"twitter:title\",\"content\":\"CVE-2022-1536\"}],[\"$\",\"meta\",\"14\",{\"name\":\"twitter:description\",\"content\":\"A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home\u003c/title\u003e\u003cscript\u003ealert(\\\"home\\\")\u003c/script\u003e\u003ctitle\u003e leads…\"}],[\"$\",\"link\",\"15\",{\"rel\":\"icon\",\"href\":\"/icon.svg?15c401d74412482c\",\"type\":\"image/svg+xml\",\"sizes\":\"any\"}],[\"$\",\"$L35\",\"16\",{}]],\"error\":null,\"digest\":\"$undefined\"}\n"])</script><script>self.__next_f.push([1,"24:\"$1f:metadata\"\n"])</script></body></html>