.. / CVE-2022-3242

Exploit for Microweber <1.3.2 - Cross-Site Scripting (CVE-2022-3242)

Description:

Code Injection in on search.php?keywords= GitHub repository microweber/microweber prior to 1.3.2.

Nuclei Template

View the template here CVE-2022-3242.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-3242.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-3242
https://huntr.dev/bounties/3e6b218a-a5a6-40d9-9f7e-5ab0c6214faf/
https://www.tenable.com/cve/CVE-2022-3242
https://github.com/microweber/microweber/commit/68f0721571653db865a5fa01c7986642c82e919c