CVE-2022-34834

CVE-2022-34834

EPSS 0.4%

An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://crashpark.weebly.com/blog/2-stored-xss-in-agilereporter-213-by-vermeg https://www.vermeg.com/agile-reporter/