MEDIUM 6.1
CVE-2022-43363
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| telegram | telegram | Android | — | cpe:2.3:a:telegram:telegram:15.3.1:*:*:*:*:-:*:* |
| telegram | telegram | iOS | — | cpe:2.3:a:telegram:telegram:15.3.1:*:*:*:*:-:*:* |