Vulnerability DatabaseCVE-2022-0571

CVE-2022-0571:
Linux Fedora vulnerability analysis and mitigation

Overview

A reflected Cross-site Scripting (XSS) vulnerability was discovered in the Phoronix Test Suite repository prior to version 10.8.2. The vulnerability was identified in February 2022 and assigned CVE-2022-0571. The Phoronix Test Suite is an automated, open-source testing framework designed for Linux operating systems (Fedora Update).

Technical details

The vulnerability was classified as a reflected XSS issue (CWE-79) affecting the input validation mechanisms in the Phoronix Test Suite. The issue was specifically related to the handling of HTML encoded characters and other potentially malicious strings in the Phoromatic functions (GitHub Commit).

Impact

The vulnerability could allow attackers to execute malicious scripts through the web interface, potentially leading to unauthorized access to user data or session hijacking (CVE Details).

Mitigation and workarounds

The vulnerability was patched in version 10.8.2 of the Phoronix Test Suite. The fix included additional input validation to reject HTML encoded characters and potentially dangerous strings such as 'document.write', '../', 'onerror', 'onload', and 'alert(' (GitHub Commit).

Additional resources

Source: This report was generated using AI

Related Linux Fedora vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-66287	HIGH	8.8	Alma Linux	webkitgtk-doc	No	Yes	Dec 04, 2025
CVE-2025-12744	HIGH	8.8	Linux Fedora	python3-abrt-container-addon	No	Yes	Dec 03, 2025
CVE-2025-13601	HIGH	7.7	CBL Mariner	glib2-devel	No	Yes	Nov 26, 2025
CVE-2025-13947	HIGH	7.4	Alma Linux	webkitgtk6.0	No	Yes	Dec 03, 2025
CVE-2025-63938	MEDIUM	6.5	Linux Debian	tinyproxy	No	Yes	Nov 26, 2025