CVE-2022-3245 Information

Description

HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS as the name implies injects JavaScript into the page. Both attacks exploit insufficient validation of user input.

Reference

https://github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfc https://huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0