cvedb.io
CVE-2022-40912
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2022-09-28T14:15:11.007 · Last modified 2026-06-17T05:02:13.693

Summary

ETAP Lighting International NV ETAP Safety Manager 1.0.0.32 is vulnerable to Cross Site Scripting (XSS). Input passed to the GET parameter 'action' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site.

Affected products

etaplighting — etap_safety_manager

Does this affect you?

Add your gear to cvedb and we'll alert you only when etaplighting ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.