A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-08-17T20:38:00
Updated: 2024-08-03T09:29:17.331Z
Reserved: 2022-07-04T00:00:00
Link: CVE-2022-35133
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-08-17T21:15:09.477
Modified: 2024-11-21T07:10:47.937
Link: CVE-2022-35133
Redhat
No data.