4 matches found
CVE-2022-1345
Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse...
CVE-2022-1345
Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse...
CVE-2022-1345 Stored XSS viva .svg file upload in causefx/organizr
Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse...
CVE-2022-1345
CVE-2022-1345 affects Organizr (pre-2.1.1810). The issue is a file-upload validation flaw that allows uploading ".svg" files which can execute malicious scripts in the browser, enabling actions like session hijacking and sensitive data exposure. Root cause: lack of proper validation of uploaded f...