CVE-2022-26494

An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. JavaScript code must be used in a worker name before a Generate CSR request. Only an administrator can update a worker name...

Cross site scripting

An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. JavaScript code must be used in a worker name before a Generate CSR request. Only an administrator can update a worker name...

CVE-2022-26494

An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. JavaScript code must be used in a worker name before a Generate CSR request. Only an administrator can update a worker name...

CVE-2022-26494

CVE-2022-26494 describes an XSS in PrimeKey SignServer Admin Web: an attacker can inject JavaScript by placing code in a worker name prior to a Generate CSR request. Exploitation requires authentication (admin) and targets SignServer versions before 5.8.1. The vulnerability arises from handling t...

PrimeKey SignServer 跨站脚本漏洞

PrimeKey SignServer is a multifunctional digital signature software from PrimeKey Sweden. Various digital signature use cases and formats are supported. A cross-site scripting vulnerability exists in the Admin web interface of PrimeKey SignServer prior to version 5.8.1. Exploitation of this...

PT-2022-17900 · Primekey · Primekey Signserver

Name of the Vulnerable Software and Affected Versions: PrimeKey SignServer versions prior to 5.8.1 Description: A cross-site scripting XSS issue was identified in the Admin Web interface. This issue can be exploited by using JavaScript code in a worker name before a Generate CSR request. It is...