CVE-2022-22847

2022-01-1006:02:23

mitre

www.cve.org

formpipe lasernet

file inclusion

web services

authentication

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

60.6%

JSON

Formpipe Lasernet before 9.13.3 allows file inclusion in Client Web Services (either by an authenticated attacker, or in a configuration that does not require authentication).

References

support.formpipe.com/news/posts/vulnerability-in-the-client-web-service-of-lasernet-9-and-older