CVE-2022-34834

CVE-2022-34834

EPSS 0.4%

An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://crashpark.weebly.com/blog/2-stored-xss-in-agilereporter-213-by-vermeg https://www.vermeg.com/agile-reporter/