Medium severity4.8NVD Advisory· Published Jan 1, 2023· Updated Jun 17, 2026
CVE-2022-40711
CVE-2022-40711
Description
PrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users.
Affected products
2- PrimeKey/EJBCA Communitydescription
Patches
Vulnerability mechanics
References
1- verneet.com/cve-2022-40711/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.