CVE-2022-4444

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-4444

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4444.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-4444

Published

2022-12-13T09:15:09.120Z

Modified

2025-11-14T13:52:40.294536Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was found in ipti br.tag. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 2.13.0 is able to address this issue. The name of the patch is 7e311be22d3a0a1b53e61cb987ba13d681d85f06. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215431.

References

Affected packages

Git / github.com/ipti/br.tag

Affected ranges

Type: GIT
Repo: https://github.com/ipti/br.tag
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7e311be22d3a0a1b53e61cb987ba13d681d85f06

Affected versions

2.*

2.0.1

2.0.2

2.0.3

2.1.1

2.1.2

2.10.1

2.10.2

2.10.5

2.10.6

2.10.7

2.10.7f

2.12.0

2.2.1

2.3.1

2.3.2

2.3.3

2.4.1

2.5.1

v2.*

v2.10.2

v2.10.5

v2.6

v2.7.0

v2.8.0

v2.9.0