CVE-2022-23051

CVE-2022-23051

EPSS 0.5%

PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code while adding an 'Attack Tree' by modifying the 'svg_file' parameter.

Produtos afetados

n/a · PeTeReport

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://fluidattacks.com/advisories/brown/https://github.com/1modm/petereport/issues/36