Moderate severityNVD Advisory· Published Mar 12, 2022· Updated Aug 3, 2024
CVE-2022-26533
CVE-2022-26533
Description
Alist v2.1.0 and below was discovered to contain a cross-site scripting (XSS) vulnerability via /i/:data/ipa.plist.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/Xhofe/alistGo | >= 2.0.10, < 2.1.1 | 2.1.1 |
Affected products
2Patches
Vulnerability mechanics
Synthesis attempt was rejected by the grounding validator. Re-run pending.
References
4- github.com/advisories/GHSA-jpj5-hg26-6jgcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-26533ghsaADVISORY
- github.com/Xhofe/alist/commit/6af17e2509a400979420f613fd7f2f9721fdcd6eghsaWEB
- github.com/Xhofe/alist/issues/645ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.