CVE-2022-0571

Published: Feb 14, 2022Modified: Jun 17, 2026

6.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.

Affected (7)

Products: Phoronix Media: Phoronix Test Suite · Fedoraproject: Extra Packages For Enterprise Linux, Fedora

1 product

Phoronix Test Suite

2 products

Extra Packages For Enterprise Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Phoronix Media Phoronix Test Suite	Before 10.8.2

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Extra Packages For Enterprise Linux	Version 7.0
Fedoraproject Extra Packages For Enterprise Linux	Version 8.0
Fedoraproject Extra Packages For Enterprise Linux	Version 9.0
Fedoraproject Fedora	Version 34
Fedoraproject Fedora	Version 35
Fedoraproject Fedora	Version 36

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (10)

https://github.com/phoronix-test-suite/phoronix-test-suite/commit/1eac9260c8313f0cfc77837ec676f4e6d68bd833

Source: security@huntr.dev

PatchThird Party Advisory

https://huntr.dev/bounties/a5039485-6e48-4313-98ad-915506c19ae8

Source: security@huntr.dev

ExploitThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSQH5OWXAMWSM7H6VSBRDGTOE7UIOZHZ/

Source: security@huntr.dev

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQ2PBBODEOE3BUCYHL5CV47M72ST4I7S/

Source: security@huntr.dev

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QO32MBF3FS65K5YIC6CHXAJTLLPAXJED/

Source: security@huntr.dev

https://github.com/phoronix-test-suite/phoronix-test-suite/commit/1eac9260c8313f0cfc77837ec676f4e6d68bd833

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://huntr.dev/bounties/a5039485-6e48-4313-98ad-915506c19ae8

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSQH5OWXAMWSM7H6VSBRDGTOE7UIOZHZ/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQ2PBBODEOE3BUCYHL5CV47M72ST4I7S/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QO32MBF3FS65K5YIC6CHXAJTLLPAXJED/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.