CVE-2022-41442

CVE-2022-41442

EPSS 0.4%

PicUploader v2.6.3 was discovered to contain cross-site scripting (XSS) vulnerability via the setStorageParams function in SettingController.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/xiebruce/PicUploader/commit/2b0411bddb7942e0ace136a82d4ccde0fe66f263 https://github.com/xiebruce/PicUploader/issues/80