CVE-2022-48197
CVE-2022-48197
Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/ryan412/CVE-2022-48197★ 0cve_referencepacketstormsecurity.com/files/171633/Yahoo-User-Interface-TreeView-2.8.2-Cross-Site-Scripting.htmlunverifiedexploitdbwww.exploit-db.com/exploits/51198unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/171633/Yahoo-User-Interface-TreeView-2.8.2-Cross-Site-Scripting.htmlhttps://github.com/ryan412/CVE-2022-48197https://github.com/ryan412/CVE-2022-48197/blob/main/README.mdhttps://github.com/yui/yui2/blob/yui2-2.8.2-8/sandbox/treeview/inc-rightbar.phphttps://github.com/yui/yui2/tagshttps://literatejava.com/security/is-it-really-a-cve-reported-xss-in-yui-2-8-2/