PT-2022-2236 · Unknown · Nginx Proxy Manager

L4Rm4Nd · Published 2022-03-24 · Updated 2022-04-11 · CVE-2022-28379

CVSS v2.0: 8.3 (High)
Vector: AV:N/AC:L/Au:M/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Nginx Proxy Manager versions prior to 2.9.17
Description: The issue exists due to inadequate protection of the web page structure in the proxy manager. This can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability allows for XSS during item deletion.
Recommendations: For versions prior to 2.9.17, update to version 2.9.17 or later to resolve the issue. As a temporary workaround, consider restricting access to the item deletion functionality until a patch is available.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

BDU:2022-02322
CVE-2022-28379

Affected Products

Nginx Proxy Manager