4 matches found
CVE-2022-1514
Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the user's machine...
CVE-2022-1514 Stored XSS via upload plugin functionality in zip format in neorazorx/facturascripts
Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the user's machine...
CVE-2022-1514
CVE-2022-1514 refers to a stored XSS vulnerability in FacturaScripts prior to 2022.06, triggered via the upload plugin functionality when handling ZIP-format plugins. The issue arises from unsanitized input in the plugin loading path (notably the PluginManager.php ini parameter per Veracode descr...
CVE-2022-1514 Stored XSS via upload plugin functionality in zip format in neorazorx/facturascripts
Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the user's machine...