Medium severity6.1NVD Advisory· Published Jul 19, 2022· Updated Jun 17, 2026
CVE-2022-36304
CVE-2022-36304
Description
Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the generate_response function at /web/api/v1/upload/UploadHandler.php.
Affected products
2- Vesta/Vestadescription
- Range: = 1.0.0-5
Patches
Vulnerability mechanics
References
1- github.com/serghey-rodin/vesta/issues/2252nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.