PT-2022-27355 · Webtareas · Webtareas

Anhdq201 · Published 2022-12-02 · Updated 2022-12-06 · CVE-2022-44955

CVSS v3.1: 5.4 Medium

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: webtareas version 2.4p5

Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field in the Chat function. This enables the execution of malicious code, potentially leading to unauthorized actions on the affected system.

Recommendations: For webtareas version 2.4p5, consider disabling the Chat function until a patch is available to prevent exploitation of the cross-site scripting vulnerability. Restrict access to the Messages field to minimize the risk of malicious payload injection.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2022-44955

Affected Products

Webtareas