Microweber versions 1.2.17 and prior are vulnerable to cross-site scripting. A patch is available on the `dev laravel9-php8` branch of the repository.

Affected Packages

Packagist microweber/microweber

Affected versions: 0 (last affected: 1.2.17)

Related CVEs

CVE-2022-2130

Key Information

GHSA ID

GHSA-27g3-58v4-fg9w

Published

June 21, 2022 12:00 AM

Last Modified

June 29, 2022 9:53 PM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

microweber/microweber

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 2, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.