CNNVD-202601-1903 Information

Jan 13, 2026 cve

CNNVD ID

CNNVD-202601-1903

CVE-2022-50937

CNNVD Published: 2026-01-13

Description (Chinese)

Ametys Cms是Ametys社区的用于在同一台服务器上运行大型企业网站，博客，Intranet 和 Extranet。一个用 Java 编写的免费开源内容管理系统。 Ametys CMS v4.4.1版本存在跨站脚本漏洞，该漏洞源于链接目录的输入字段存在存储型跨站脚本，可能导致攻击者注入恶意脚本代码。

Description (English)

Ametys Cms is a community of Ametys that runs large business websites, blogs, Intranet and Extranet on the same server. A free open source content management system with Java. Version Ametys CMS v4.4.1 has a cross-site script loophole, which stems from the existence of a stored cross-site script in the input field of the Link Directory, which may result in the aggressor injecting a malicious script code.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

Ametys

Published

2026-01-13

Last Modified

2026-02-24

References

https://www.ametys.org/community/en/ametys-platform/ametys-portal/overview.html https://www.exploit-db.com/exploits/50692 https://www.vulncheck.com/advisories/ametys-cms-cross-site-scripting-xss https://www.vulnerability-lab.com/get_content.php?id=2275 https://access.redhat.com/security/cve/cve-2022-50937

Share on: