How severe is CVE-2022-27662?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2022-27662?

This is classified as CWE-1336, which is a common weakness in software security.

CVE-2022-27662 - MEDIUM Severity | CVSS 4.8

Vulnerability Description

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context of the server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Related Vulnerabilities

CVE-2024-35191

MEDIUM

CVSS:4.4(Medium)

Formie is a Craft CMS plugin for creating forms. Prior to 2.1.6, users with access to a form's settings can include malicious Twig code into fields that support Twig. These might be the Submission Tit...

CWE-13362024

CVE-2025-23376

MEDIUM

CVSS:4.4(Medium)

Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper Neutralization of Special Elements Used in a Template Engine vulnerability. A high privileged attacker ...

CWE-13362025

CVE-2022-0323

MEDIUM

CVSS:5.3(Medium)

Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1.

CWE-13362022

CVE-2025-26865

LOW

CVSS:3.5(Low)

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: from 18.12.17 before 18.12.18. It's a regression between 18.12.17 ...

CWE-13362025

CVE-2023-41047

MEDIUM

CVSS:6.5(Medium)

OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1.9.2 contain a vulnerability that allows malicious admins to configure a specially crafted GCODE script that wi...

CWE-13362023

CVE-2024-55652

MEDIUM

CVSS:6.5(Medium)

PenDoc is a penetration testing reporting application. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expressions that escape the ...

CWE-13362024