CVE-2022-25022

Name of the Vulnerable Software and Affected Versions Htmly version 2.8.1

Description A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts via a crafted payload in the content field of a blog post. This enables the execution of malicious HTML code.

Recommendations For Htmly version 2.8.1, consider disabling the blog post feature until a patch is available to prevent exploitation of the XSS vulnerability. Restrict access to the content field to minimize the risk of malicious payload injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.