5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
21.9%
PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code while adding an ‘Attack Tree’ by modifying the ‘svg_file’ parameter.
fluidattacks.com/advisories/brown/
github.com/1modm/petereport/issues/36