{"id":"CVE-2022-39839","details":"Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post.","modified":"2026-04-10T04:50:29.798892Z","published":"2022-09-05T06:15:18.417Z","references":[{"type":"REPORT","url":"https://github.com/Cotonti/Cotonti/issues/1661"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cotonti/cotonti","events":[{"introduced":"0"},{"last_affected":"6a72416baa134498393998a405c2560edc520699"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.9.20"}]}}],"versions":["0.9.12","0.9.12.1","0.9.13","0.9.14","0.9.15","0.9.16","0.9.16.1","0.9.16.2","0.9.17","0.9.18","0.9.18.1","0.9.19","0.9.19-RC.1","0.9.19-rc1","0.9.20","cotonti-0.9.10","cotonti-0.9.11","cotonti-0.9.11.1","cotonti-0.9.3","cotonti-0.9.6","cotonti-0.9.7","cotonti-0.9.8"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-39839.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}