3 matches found
Rocket.Chat: Reflected Cross-Site Scripting(CVE-2022-32770 )
Vulnerability description not provided...
CVE-2022-32770
creationtimestamp| type| source ---|---|--- 2022-08-22 22:20:47+00:00| seen| https://t.me/cibsecurity/48540 2025-04-15 18:54:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11887...
CVE-2022-32770
WWBN AVideo 11.6 and dev master commit 3f7c0364 are affected by a footer alerts XSS (CVE-2022-32770) due to insufficient sanitization of the toast parameter. The vulnerability allows arbitrary JavaScript execution in an authenticated user context by crafting HTTP requests; PoCs show vector usage ...