VYPR
Medium severity4.8NVD Advisory· Published Jan 1, 2023· Updated Jun 17, 2026

CVE-2022-40711

CVE-2022-40711

Description

PrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users.

Affected products

2
  • PrimeKey/EJBCA Communitydescription
  • PrimeKey/EJBCAllm-create
    Range: 7.9.0.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.