2 matches found
CVE-2022-0900
DivvyDrive is affected by a stored XSS in its aciklama parameter for versions prior to 4.6.2.0. The issue stems from improper neutralization of input during web page generation, enabling an attacker to execute JavaScript in a victim’s browser and potentially access session information. Remediatio...
CVE-2022-0900 Cross-Site Scripting Vulnerability in DivvyDrive
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NetDataSoft DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from unspecified before v.4.6.2.0...