Medium severity6.1NVD Advisory· Published Feb 9, 2022· Updated Jun 17, 2026
CVE-2022-22812
CVE-2022-22812
Description
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a web session compromise when an attacker injects and then executes arbitrary malicious JavaScript code inside the target browser. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)
Affected products
4- Schneider Electric/spaceLYnkdescription
- Range: <=V2.6.2
- Range: <=V2.6.2
- Range: <=V2.6.2
Patches
Vulnerability mechanics
References
1- download.schneider-electric.com/filesnvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.