logo

Database

Reflected cross-site scripting (XSS) In github.com/argoproj/argo-cd

Description

Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2022-311022. NVD-2022-311023. OSV-2022-311024. OSV-GO-2022-05175. GHSA-pmjg-52h9-72qv6. GCVE-2022-311027. GHSA-pmjg-52h9-72qv

References

1. https://github.com/argoproj/argo-cd/security/advisories/GHSA-pmjg-52h9-72qv2. https://github.com/argoproj/argo-cd/commit/3800a1e49d1d5a00a6692fee83396a37a6abe89a3. https://github.com/argoproj/argo-cd/commit/8d5119b1e3038a2c1d8b651cb242525e9e734c4c4. https://github.com/argoproj/argo-cd/releases/tag/v2.3.65. https://github.com/argoproj/argo-cd/releases/tag/v2.4.5

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.