CVE-2022-46785 - Prototype pollution leading to XSS

CVE: CVE-2022-46785

Description

Prototype pollution leading to XSS was found in SquaredUp DS for SCOM 5.5.1.8414.

What should you do?

If you are using a SquaredUp DS version earlier than 5.7.1.9085, update to version 5.7.1.9085 or later.

Affected and resolved software versions

Product
Affected versions
Resolved versions
SquaredUp DS for SCOM
Versions earlier than 5.7.1.9085
5.7.1.9085 and later versions
SquaredUp DS for Azure
Versions earlier than 5.7.1.9085
5.7.1.9085 and later versions
SquaredUp DS Standalone
Versions earlier than 5.7.1.9085
5.7.1.9085 and later versions

Acknowledgement

SquaredUp would like to thank Kajetan Rostojek from ING Tech Poland for reporting this vulnerability.

Did you notice a vulnerability or need further help?

Please contact SquaredUp Support

If you believe you've found a different security vulnerability in one of our products please report it by emailing our support team so we can work on fixing it: [email protected]

Revision history of this article

22.02.2023
Initial release

Was this article helpful?


Have more questions or facing an issue?