{"id":76066,"date":"2026-02-01T15:45:52","date_gmt":"2026-02-01T12:15:52","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2022-50942-inciga-web-2-8-2-client-side-cross-site-scripting-via-eventlistener\/"},"modified":"2026-02-01T15:45:52","modified_gmt":"2026-02-01T12:15:52","slug":"cve-2022-50942-inciga-web-2-8-2-client-side-cross-site-scripting-via-eventlistener","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2022-50942-inciga-web-2-8-2-client-side-cross-site-scripting-via-eventlistener\/","title":{"rendered":"CVE-2022-50942 &#8211; Inciga Web 2.8.2 Client-Side Cross-Site Scripting via EventListener"},"content":{"rendered":"<p>CVE ID : CVE-2022-50942<\/p>\n<p>Published :  Feb. 1, 2026, 12:15 p.m. | 59\u00a0minutes ago<\/p>\n<p>Description : Inciga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijacking and non-persistent phishing attacks.<\/p>\n<p>Severity: 5.4 | MEDIUM<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2022-50942 Published : Feb. 1, 2026, 12:15 p.m. | 59\u00a0minutes ago Description : Inciga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijacking and non-persistent &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-76066","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/76066","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=76066"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/76066\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=76066"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=76066"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=76066"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}