DirectorySecurity AdvisoriesPricing
/
Sign in
Security Advisories

CVE-2022-4455

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-4455

Severity

6.1

Medium

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

A vulnerability was identified in sproctor php-calendar up to 2.0.13. This impacts an unknown function of the file index.php. Such manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be launched remotely. The name of the patch is a2941109b42201c19733127ced763e270a357809. It is advisable to implement a patch to correct this issue.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2022-4455
  • https://github.com/advisories/GHSA-3957-4jhv-xcc7
  • https://vuldb.com/?ctiid.215445
  • https://github.com/sproctor/php-calendar/commit/a2941109b42201c19733127ced763e270a357809
  • https://vuldb.com/?id.215445

Affected packages

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal