4 matches found
CVE-2022-0930
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12...
CVE-2022-0930
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12...
CVE-2022-0930 File upload filter bypass leading to stored XSS in microweber/microweber
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12...
CVE-2022-0930
CVE-2022-0930 affects microweber/microweber. The issue is a file upload filter bypass that allows stored XSS via uploaded HTML-like files, reported for versions prior to 1.2.12. The root cause is inadequate validation/filtration of uploads enabling JavaScript execution on access. Remediation per ...