Lucene search
China National Vulnerability DatabaseCNVD-2022-77491HistoryMay 25, 2022 - 12:00 a.m.
NetDataSoft DivvyDrive Cross-Site Scripting Vulnerability
2022-05-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
netdatasoft divvydrive
cross-site scripting
vulnerability
data validation
user-supplied data
javascript code
EPSS
0.001
Percentile
22.7%
NetDataSoft DivvyDrive is an enterprise file management and sharing system from the Turkish company NetDataSoft. Used to encrypt and store all data and allow secure access to your data from anywhere. cross-site scripting vulnerability exists in versions prior to NetDataSoft DivvyDrive v.4.6.2.0, which stems from the lack of data validation filtering of user-supplied data and output in aciklama parameters. An attacker could exploit the vulnerability to execute JavaScript code on the client side to obtain information about the userβs session.
Related
cvelist
cvelist
CVE-2022-0900 Cross-Site Scripting Vulnerability in DivvyDrive
2022-05-23 12:10:10
prion
prion
Cross site scripting
2022-05-23 14:16:00
cve
cve
CVE-2022-0900
2022-05-23 14:16:26
nvd
nvd
CVE-2022-0900
2022-05-23 14:16:26