CVE-2022-23733 – A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the inj …

2 August 2022

Vuln ID: CVE-2022-23733

Published: 2022-08-02 16:15:10Z

Description: A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. This injection was blocked by Github’s Content Security Policy (CSP). This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.3.11, 3.4.6 and 3.5.3. This vulnerability was reported via the GitHub Bug Bounty program.

Source: NVD.NIST.GOV

Date:

2 August 2022

Categorie(s):

NVD

Tag(s):

NVD

Protobom: Open-source software supply chain tool19 April 2024
The key pillars of domain security19 April 2024
Fraudsters abused Apple Stores’ third-party pickup policy to phish for profits19 April 2024
51% of enterprises experienced a breach despite large security stacks19 April 2024
Alert! Windows LPE Zero-day Exploit Advertised on Hacker Forums19 April 2024