3 matches found
CVE-2022-43263
A cross-site scripting XSS vulnerability in Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file...
CVE-2022-43263
creationtimestamp| type| source ---|---|--- 2022-11-17 15:58:40+00:00| seen| https://t.me/cibsecurity/53047...
CVE-2022-43263
Arobas Music Guitar Pro for iPad/iPhone is affected by a cross-site scripting (XSS) vulnerability in versions prior to 1.10.2. The issue allows an attacker to inject arbitrary web scripts or HTML by crafting the name of a file uploaded to the app. The root cause is tied to handling of uploaded fi...