PT-2022-27671 · Unknown · Planet Estream

Hrvoje Filakovic +2 · Published 2022-12-25 · Updated 2023-01-04 · CVE-2022-45892

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Planet eStream versions prior to 6.72.10.07

Description: The issue involves multiple Stored Cross-Site Scripting (XSS) vulnerabilities in various components, including Disclaimer, Search Function, Comments, Batch editing tool, Content Creation, Related Media, Create new user, and Change Username.

Recommendations: For versions prior to 6.72.10.07, update to version 6.72.10.07 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable components, such as the Search Function, Comments, and Content Creation, until a patch is applied. Avoid using the affected features, including Batch editing tool, Related Media, Create new user, and Change Username, until the issue is resolved.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2022-45892

Affected Products: Planet Estream