CVE-2022-27979

2023-04-2600:00:00

mitre

www.cve.org

cross-site scripting

tooljet

web scripts

html

comment body component

crafted payload

cve-2022-27979

0.001 Low

EPSS

Percentile

23.7%

JSON

A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component.

References

tooljet.com

github.com/fourcube/security-advisories/blob/main/security-advisories/20220321-tooljet-xss.md

0.001 Low

EPSS

Percentile

23.7%

JSON

Related for CVELIST:CVE-2022-27979