How severe is CVE-2022-2256?

This vulnerability has a severity rating of LOW with a CVSS score of 3.8 out of 10.

What type of vulnerability is CVE-2022-2256?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2022-2256

LOW Year: 2022

CVSS v3 Score

3.8

Low

Weakness Type

CWE-79

View all →

Vulnerability Description

A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.

CVE-2021-3830

LOW

CVSS:3.8(Low)

btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-792021

CVE-2022-1530

LOW

CVSS:3.8(Low)

Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.

CWE-792022

CVE-2023-3142

LOW

CVSS:3.8(Low)

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.

CWE-792023

CVE-2024-13116

LOW

CVSS:3.8(Low)

The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks e...

CWE-792024

CVE-2024-13308

LOW

CVSS:3.8(Low)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Butto...

CWE-792024

CVE-2024-2972

LOW

CVSS:3.8(Low)

The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button WordPress plugin before 3.1.9 does not sanitise and escape some of its settings, ...

CWE-792024

CVE-2022-2256

Vulnerability Description

Related Vulnerabilities

CVE-2021-3830

CVE-2022-1530

CVE-2023-3142

CVE-2024-13116

CVE-2024-13308

CVE-2024-2972