CVE-2022-41706

🗓️ 25 Nov 2022 00:00:00Reported by Fluid AttacksType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 82 Views

Browsershot 3.57.2 allows remote file acces

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2022-41706	25 Nov 202220:15	–	circl
CNNVD	Spatie Browsershot 跨站脚本漏洞	25 Nov 202200:00	–	cnnvd
Cvelist	CVE-2022-41706 Browsershot 3.57.2 - Server Side XSS to LFR via URL	25 Nov 202200:00	–	cvelist
EUVD	EUVD-2022-7280	3 Oct 202520:07	–	euvd
Github Security Blog	Browsershot does not validate URL protocols passed to Browsershot URL method	25 Nov 202218:30	–	github
NVD	CVE-2022-41706	25 Nov 202218:15	–	nvd
OSV	GHSA-8C2C-JXWJ-JQGF Browsershot does not validate URL protocols passed to Browsershot URL method	25 Nov 202218:30	–	osv
Prion	Design/Logic Flaw	25 Nov 202218:15	–	prion
Positive Technologies	PT-2022-26035 · Unknown · Browsershot	25 Nov 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-41706	22 May 202523:41	–	redhatcve

NVD

Node

spatie browsershotMatch3.57.2

[
  {
    "collectionURL": "https://packagist.org",
    "defaultStatus": "unaffected",
    "packageName": "spatie/browsershot",
    "product": "Browsershot",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "3.57.2"
      }
    ]
  }
]