Lucene search
K

4 matches found

NVD
NVD
added 2022/04/28 4:15 p.m.35 views

CVE-2022-1514

Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the user's machine...

9CVSS0.00732EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/04/28 3:50 p.m.35 views

CVE-2022-1514 Stored XSS via upload plugin functionality in zip format in neorazorx/facturascripts

Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the user's machine...

9CVSS5.6AI score0.00732EPSS
Exploits1References2
CVE
CVE
added 2022/04/28 3:50 p.m.87 views

CVE-2022-1514

CVE-2022-1514 refers to a stored XSS vulnerability in FacturaScripts prior to 2022.06, triggered via the upload plugin functionality when handling ZIP-format plugins. The issue arises from unsanitized input in the plugin loading path (notably the PluginManager.php ini parameter per Veracode descr...

9CVSS5.8AI score0.00732EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/04/28 3:50 p.m.26 views

CVE-2022-1514 Stored XSS via upload plugin functionality in zip format in neorazorx/facturascripts

Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the user's machine...

9CVSS7.5AI score0.00732EPSS
Exploits1References4
Rows per page
Query Builder