Microweber drag and drop website builder and CMS with e-commerce. Cross-site Scripting (XSS) discovered in microweber prior to 1.2.12. There is currently no known workaround, users are recommended to update to version 1.2.12.

Affected Packages

Packagist microweber/microweber

Affected versions: 0 (fixed in 1.2.12)

Related CVEs

CVE-2022-0928

Key Information

GHSA ID

GHSA-jjp3-m93h-5jm4

Published

March 12, 2022 12:00 AM

Last Modified

March 24, 2022 11:19 PM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

microweber/microweber

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 4, 2025 6:27 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.