Moderate severityNVD Advisory· Published Sep 20, 2022· Updated May 27, 2025
Code Injection in display of tag title on saving tags in microweber/microweber
CVE-2022-3245
Description
HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
microweber/microweberPackagist | < 1.3.2 | 1.3.2 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-gm8c-w9cm-c445ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-3245ghsaADVISORY
- github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfcghsax_refsource_MISCWEB
- huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.