CVE-2022-38723

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-38723

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38723.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-38723

Aliases

GHSA-vp62-m958-qj8c

Published

2023-01-03T22:15:11.860Z

Modified

2025-11-14T13:36:03.908830Z

Severity

8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Gravitee API Management before 3.15.13 allows path traversal through HTML injection.

References

Affected packages

Git / github.com/gravitee-io/gravitee-api-management

Affected ranges

Type: GIT
Repo: https://github.com/gravitee-io/gravitee-api-management
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6679ad998df1d6d9714bcb3cc32a0e6dfcbe24de

Affected versions

0.*

0.10.0

0.11.0

0.12.0

0.12.1

0.13.0

0.13.1

0.14.0

0.14.1

0.15.0

0.16.0

0.17.0

0.17.1

0.18.0

0.19.0

0.19.1

0.19.2

0.3.0

0.4.0

0.5.0

0.6.0

0.7.0

0.8.0

0.8.1

0.8.2

0.9.0

1.*

1.0.0

1.0.1

1.1.0

1.10.0

1.10.1

1.10.2

1.10.3

1.10.4

1.11.0

1.11.1

1.11.2

1.11.3

1.11.4

1.12.0

1.12.1

1.12.2

1.12.3

1.12.4

1.13.0

1.13.1

1.13.2

1.13.3

1.14.0

1.14.1

1.14.2

1.14.3

1.14.4

1.15.0

1.15.1

1.15.2

1.15.3

1.15.4

1.15.5

1.15.6

1.15.7

1.16.0

1.16.1

1.16.2

1.16.3

1.16.4

1.16.5

1.16.6

1.17.0

1.18.0

1.18.1

1.18.2

1.18.3

1.19.0

1.19.1

1.19.2

1.19.3

1.2.0

1.20.0

1.20.1

1.20.10

1.20.11

1.20.12

1.20.13

1.20.14

1.20.15

1.20.16

1.20.17

1.20.18

1.20.19

1.20.2

1.20.3

1.20.4

1.20.5

1.20.6

1.20.7

1.20.8

1.20.9

1.21.0

1.21.1

1.21.2

1.21.3

1.21.4

1.21.5

1.22.0

1.22.1

1.22.2

1.22.3

1.23.0

1.23.1

1.23.2

1.24.0

1.24.1

1.25.0

1.25.1

1.25.10

1.25.11

1.25.12

1.25.13

1.25.14

1.25.15

1.25.16

1.25.17

1.25.18

1.25.19

1.25.2

1.25.20

1.25.21

1.25.22

1.25.23

1.25.24

1.25.3

1.25.4

1.25.5

1.25.6

1.25.7

1.25.8

1.25.9

1.26.0

1.26.1

1.27.0

1.27.1

1.27.2

1.27.3

1.28.0

1.28.1

1.28.2

1.28.3

1.28.4

1.28.5

1.28.6

1.29.0

1.29.1

1.29.2

1.29.3

1.29.4

1.29.5

1.29.6

1.3.0

1.3.1

1.3.3

1.30.0

1.30.1

1.30.10

1.30.11

1.30.12

1.30.13

1.30.14

1.30.15

1.30.16

1.30.17

1.30.18

1.30.19

1.30.2

1.30.20

1.30.21

1.30.22

1.30.23

1.30.24

1.30.25

1.30.26

1.30.27

1.30.28

1.30.29

1.30.3

1.30.30

1.30.31

1.30.4

1.30.5

1.30.6

1.30.7

1.30.8

1.30.9

1.4.0

1.4.1

1.4.2

1.5.0

1.5.1

1.6.0

1.6.1

1.6.2

1.7.0

1.8.0

1.8.1

1.8.2

1.8.3

1.8.4

1.9.0

1.9.1

1.9.2

3.*

3.0.0

3.0.0-alpha

3.0.0-beta

3.0.1

3.0.10

3.0.11

3.0.12

3.0.13

3.0.14

3.0.15

3.0.16

3.0.17

3.0.3

3.0.4

3.0.5

3.0.6

3.0.7

3.0.8

3.0.9

3.1.0

3.1.1

3.1.2

3.1.3

3.1.4

3.10.0

3.10.1

3.10.2

3.10.3

3.10.4

3.10.5

3.10.6

3.10.7

3.10.8

3.10.9

3.11.0

3.11.1

3.11.2

3.11.3

3.12.0

3.12.1

3.12.2

3.12.3

3.12.4

3.12.5

3.12.6

3.13.0

3.13.1

3.13.2

3.13.3

3.14.0

3.15.0

3.15.1

3.15.2

3.2.0

3.2.1

3.2.2

3.3.0

3.3.1

3.3.2

3.3.3

3.4.0

3.4.1

3.4.2

3.4.3

3.5.0

3.5.1

3.5.10

3.5.11

3.5.12

3.5.13

3.5.14

3.5.15

3.5.16

3.5.17

3.5.18

3.5.19

3.5.2

3.5.20

3.5.21

3.5.22

3.5.23

3.5.24

3.5.25

3.5.26

3.5.27

3.5.3

3.5.4

3.5.5

3.5.6

3.5.7

3.5.8

3.5.9

3.6.0

3.6.1

3.7.0

3.7.1

3.7.2

3.7.3

3.8.0

3.8.1

3.8.2

3.8.3

3.8.4

3.8.5

3.8.6

3.8.7

3.9.0

3.9.1

3.9.2

3.9.3

3.9.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38723.json"