Vulnerability DatabaseCVE-2022-45179

CVE-2022-45179:
Linux Alpine vulnerability analysis and mitigation

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashboard/reminders. A remote user (authenticated to the product) can store arbitrary HTML code in the reminder section title in order to corrupt the web page (for example, by creating phishing sections to exfiltrate victims' credentials).

Source: NVD

View vulnerable instances

Not a customer? See how Wiz maps CVEs like this one to real cloud attack paths.

Watch 12-min demo

5.4

Score

Published February 21, 2024

Severity MEDIUM

CNA Score 5.4

Affected Technologies

Linux Alpine

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 24.8

Exploitation Probability (EPSS) 0.1

Affected packages and libraries

vdesk

Sources

NVD
Alpine Security Tracker
- Alpine 3.10, 3.11, 3.12, 3.19, 3.20, 3.21 Severity MEDIUMNo FixAdded at: Nov 18, 2025
- Alpine 3.13, 3.14, 3.15, 3.16, 3.17, 3.18, edge Severity MEDIUMNo FixAdded at: Apr 03, 2024

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related Linux Alpine vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-68121	N/A	N/A	Linux Debian	golang-1.19	No	Yes	Jan 16, 2026
CVE-2025-68119	N/A	N/A	Linux Debian	golang-1.19	No	Yes	Jan 16, 2026
CVE-2025-61731	N/A	N/A	Linux Debian	golang-1.15	No	Yes	Jan 16, 2026
CVE-2025-61730	N/A	N/A	Linux Debian	go	No	Yes	Jan 16, 2026
CVE-2025-61728	N/A	N/A	Linux Debian	go	No	Yes	Jan 16, 2026