CVE-2022-0954

Name of the Vulnerable Software and Affected Versions microweber/microweber versions prior to 1.2.11

Description The issue concerns multiple stored cross-site scripting vulnerabilities found in specific settings of the microweber application, including Shop's Other Settings, Shop's Autorespond E-mail Settings, and Shops' Payments Methods.

Recommendations For versions prior to 1.2.11, update to version 1.2.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable settings until the update can be applied. Avoid using the vulnerable settings in Shop's Other Settings, Shop's Autorespond E-mail Settings, and Shops' Payments Methods until the issue is resolved.