VYPR
Unrated severityNVD Advisory· Published Feb 20, 2022· Updated Aug 3, 2024

Openmct XSS via the “Web Page” element

CVE-2022-22126

Description

Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Web Page” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nasa/openmctllm-fuzzy
    Range: >=1.3.0, <=1.7.7
  • nasa/openmctv5
    Range: 1.7.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.