CVE-2022-46785 - Prototype pollution leading to XSS
CVE: CVE-2022-46785
Description
Prototype pollution leading to XSS was found in SquaredUp for SCOM 5.5.1.8414.
What should you do?
If you are using a SquaredUp DS version earlier than 5.7.1.9085, update to version 5.7.1.9085 or later.
Affected and resolved software versions
| Product | Affected versions | Resolved versions |
| SCOM Edition | Versions earlier than 5.7.1.9085 | 5.7.1.9085 and later versions |
| Azure Edition | Versions earlier than 5.7.1.9085 | 5.7.1.9085 and later versions |
| Community Edition | Versions earlier than 5.7.1.9085 | 5.7.1.9085 and later versions |
Acknowledgement
SquaredUp would like to thank Kajetan Rostojek from ING Tech Poland for reporting this vulnerability.
Did you notice a vulnerability or need further help?
Please contact SquaredUp Support if you have any questions about this vulnerability or need further help.
If you believe you've found a different security vulnerability in one of our products please report it by emailing our support team so we can work on fixing it: security@squaredup.com
Revision history of this article
| 22.02.2023 | Initial release |
Comments
0 comments
Please sign in to leave a comment.