Unknown · Stackstorm · CVE-2022-43706
**Name of the Vulnerable Software and Affected Versions**
StackStorm versions prior to 3.8.0
**Description**
A cross-site scripting (XSS) issue in the Web UI allows logged-in users with write access to pack rules to inject arbitrary script or HTML, which may be executed in the Web UI for other logged-in users.
**Recommendations**
For versions prior to 3.8.0, update to version 3.8.0 or later to resolve the issue.