{"id":"CVE-2022-30874","details":"There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet CMS before 4.5.02.","aliases":["GHSA-pm37-5j5m-6cvw"],"modified":"2026-03-15T14:47:20.649227Z","published":"2022-06-21T15:15:09.157Z","references":[{"type":"PACKAGE","url":"https://github.com/nukeviet/nukeviet"},{"type":"EVIDENCE","url":"https://blog.stmcyber.com/vulns/cve-2022-30874/"},{"type":"EVIDENCE","url":"https://whitehub.net/submissions/2968"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nukeviet/nukeviet","events":[{"introduced":"0"},{"fixed":"1f328bb8cd256f88bd45fc3ec5a50ae951da2501"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.5.02"}]}}],"versions":["3.0.05","3.0.06","3.0.07","3.0.08","3.0.12","3.1","3.1.00","3.1.01","3.1.02","3.1.03","3.2.00","3.3","3.4.02","4.0.00","4.0.01","4.0.02","4.0.03","4.0.05","4.0.06","4.0.07","4.0.09","4.0.10","4.0.11","4.0.12","4.0.13","4.0.14","4.0.15","4.0.16","4.0.17","4.0.18","4.0.21","4.0.22","4.0.23","4.0.24","4.0.25","4.0.26","4.0.27","4.0.28","4.0.29","4.1.01","4.1.02","4.2.02","4.2.03","4.3.00","4.3.01","4.3.02","4.3.03","4.3.04","4.3.05","4.3.06","4.3.07","4.3.08","4.4.00","4.4.01","4.4.02","4.5.00","4.5.01"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-30874.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}