Unrated severityNVD Advisory· Published Jan 19, 2023· Updated Apr 3, 2025
CVE-2022-46889
CVE-2022-46889
Description
A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <1.7.33
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.