Medium severity6.3NVD Advisory· Published Feb 21, 2024· Updated Jun 17, 2026
CVE-2024-22220
CVE-2024-22220
Description
An issue was discovered in Terminalfour 7.4 through 7.4.0004 QP3 and 8 through 8.3.19, and Formbank through 2.1.10-FINAL. Unauthenticated Stored Cross-Site Scripting can occur, with resultant Admin Session Hijacking. The attack vectors are Form Builder and Form Preview.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 7.4 - 7.4.0004 QP3, 8 - 8.3.19
Patches
Vulnerability mechanics
References
2- docs.terminalfour.com/release-notes/security-notices/cve-2024-22220/nvdVendor Advisory
- docs.terminalfour.com/articles/release-notes-highlights/nvdRelease Notes
News mentions
0No linked articles in our index yet.