{"api_version":"1","generated_at":"2026-05-08T11:00:30+00:00","cve":"CVE-2022-23961","urls":{"html":"https://cve.report/CVE-2022-23961","api":"https://cve.report/api/cve/CVE-2022-23961.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-23961","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-23961"},"summary":{"title":"CVE-2022-23961","description":"In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface.","state":"PUBLISHED","assigner":"mitre","published_at":"2026-05-08 05:16:08","updated_at":"2026-05-08 05:16:08"},"problem_types":["n/a"],"metrics":[],"references":[{"url":"https://herolab.usd.de/security-advisories/usd-2021-0034/","name":"https://herolab.usd.de/security-advisories/usd-2021-0034/","refsource":"cve@mitre.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://herolab.usd.de/security-advisories/","name":"https://herolab.usd.de/security-advisories/","refsource":"cve@mitre.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-23961","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23961","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2026-05-08T04:18:23.670Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"url":"https://herolab.usd.de/security-advisories/"},{"url":"https://herolab.usd.de/security-advisories/usd-2021-0034/"}]}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2022-23961","datePublished":"2026-05-08T00:00:00.000Z","dateReserved":"2022-01-26T00:00:00.000Z","dateUpdated":"2026-05-08T04:18:23.670Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-08 05:16:08","lastModifiedDate":"2026-05-08 05:16:08","problem_types":["n/a"],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2022","CveId":"23961","Ordinal":"1","Title":"CVE-2022-23961","CVE":"CVE-2022-23961","Year":"2022"},"notes":[{"CveYear":"2022","CveId":"23961","Ordinal":"1","NoteData":"In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface.","Type":"Description","Title":"CVE-2022-23961"}]}}}