CVE-2022-25220

CVE-2022-25220

EPSS 0.5%

PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code inside the markdown descriptions while creating a product, report or finding.

Produtos afetados

n/a · PeTeReport

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://fluidattacks.com/advisories/armstrong/https://github.com/1modm/petereport/issues/35