CVE-2022-33009

CVE-2022-33009

EPSS 0.6%

A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://lightcms.com https://github.com/eddy8/LightCMS https://github.com/eddy8/LightCMS/issues/30