DOM XSS vulnerability in EqualWeb Accessibility Widget versions 2.0.0 to 2.0.4, 2.1.10, 3.0.0 to 3.0.2, and 4.0.0 to 4.0.1
CVE-2022-42960 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
EqualWeb Accessibility Widget 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.10, 3.0.0, 3.0.1, 3.0.2, 4.0.0, and 4.0.1 allows DOM XSS due to improper validation of message events to accessibility.js.
Learn more about our Web App Pen Testing.