CVE-2022-33009

CVE-2022-33009

EPSS 0.6%

A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://lightcms.com https://github.com/eddy8/LightCMS https://github.com/eddy8/LightCMS/issues/30