Critical severity9.0NVD Advisory· Published Dec 14, 2022· Updated Jun 17, 2026
CVE-2022-31358
CVE-2022-31358
Description
A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Proxmox/Proxmox Virtual Environmentdescription
- Range: <7.2-3
Patches
Vulnerability mechanics
References
4- starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-mail-gateway/nvdExploitPatchTechnical DescriptionThird Party Advisory
- proxmox.comnvdProduct
- www.proxmox.com/en/nvdProduct
- git.proxmox.comnvd
News mentions
0No linked articles in our index yet.