2 matches found
CVE-2022-0724
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0724
Vulnerability summary (CVE-2022-0724): In microweber/microweber, versions before 1.3 store uploaded profile images with EXIF data intact, causing information disclosure. The root cause is that EXIF data is not stripped during upload, exposing user geolocation, device information, and software det...