Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-1414

3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticated user could use this flaw to inject scripts and possibly gain access to sensitive information or conduct further attacks.

Published

2022-10-19T18:15:11.707

Last Modified

2025-05-09T15:15:49.960

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Secondary
CWE-1173
Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	redhat	3scale_api_management	2.0	Yes

References

https://access.redhat.com/security/cve/CVE-2022-1414 Vendor Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2076794 Issue Tracking, Vendor Advisory ([email protected])
https://access.redhat.com/security/cve/CVE-2022-1414 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2076794 Issue Tracking, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)