Lucene search
China National Vulnerability DatabaseCNVD-2022-77826HistoryMay 18, 2022 - 12:00 a.m.
Total Avengers Totaljs Framework Cross-Site Scripting Vulnerability
2022-05-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.001 Low
EPSS
Percentile
21.4%
Total Avengers Totaljs Framework is a Javascript-based code base for building web, desktop, service or IoT applications from Total Avengers, Slovakia. The application is similar to PHPs Laravel, Pythons Django, ASP.NET MVC for building Node applications.A cross-site scripting vulnerability exists in Total Avengers Totaljs Framework version 3.4.5, which stems from a stored cross-site scripting issue in the upload functionality. An attacker can execute arbitrary Web scripts via PDF files embedded with JavaScript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| total avengers totaljs framework | eq | 3.4.5 |
Related
nvd
nvd
CVE-2022-30013
2022-05-16 14:15:08
prion
prion
Cross site scripting
2022-05-16 14:15:00
osv
osv
CVE-2022-30013
2022-05-16 14:15:08
cvelist
cvelist
CVE-2022-30013
2022-05-16 13:29:33
cve
cve
CVE-2022-30013
2022-05-16 14:15:08
veracode
veracode
Cross-Site Scripting (XSS)
2022-05-18 13:14:45