{"id":"CVE-2022-37059","details":"Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via Login Field","aliases":["GHSA-rh4r-9689-6xw4"],"modified":"2026-07-15T01:49:14.310313831Z","published":"2022-08-29T12:54:51Z","database_specific":{"cna_assigner":"mitre","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/37xxx/CVE-2022-37059.json"},"references":[{"type":"WEB","url":"https://drive.google.com/file/d/1lmU8zuyzyC9LHFXuXzamnkcLcjcfs0xE/view?usp=sharing"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/37xxx/CVE-2022-37059.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37059"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/intelliants/subrion","events":[{"introduced":"b8d2c1b2d71120bb55162722818f49ddcd064108"},{"last_affected":"b8d2c1b2d71120bb55162722818f49ddcd064108"}],"database_specific":{"cpe":"cpe:2.3:a:intelliants:subrion_cms:4.2.1:*:*:*:*:*:*:*","extracted_events":[{"introduced":"4.2.1"},{"last_affected":"4.2.1"}],"source":"CPE_STRING"}}],"versions":["4.2.1","v4.2.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-37059.json"}}],"schema_version":"1.7.5"}