CVE-2022-2925: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

September 9, 2022 (updated September 13, 2022)

Cross-site Scripting (XSS) - Stored in GitHub repository appwrite/appwrite prior to 1.0.0-RC1.

References

github.com/appwrite/appwrite/commit/b5b4d92623c13fa8e5c71736db461e81fb7a7ade
huntr.dev/bounties/a3b4148f-165f-4583-abed-5568696d99dc
nvd.nist.gov/vuln/detail/CVE-2022-2925

Code Behaviors & Features

Detect and mitigate CVE-2022-2925 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →