View at Official alpine advisory, NVD, CVE.org · CVE detail
Freshness: no update timestamp found; verify against the upstream OS advisory manually.
CVE-2022-25802: 1 source package rows (rt4); 4 state rows across 4 repos (3.20-community, 3.21-community, 3.22-community, edge-community); fixed 4, open 0.
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.