2 matches found
CVE-2022-2065 Cross-site Scripting (XSS) - Stored in neorazorx/facturascripts
Cross-site Scripting XSS - Stored in GitHub repository neorazorx/facturascripts prior to 2022.06...
CVE-2022-2065
FacturaScripts (ERP) has a stored XSS in versions prior to 2022.06 caused by lack of filename validation, allowing an attacker to upload an SVG file that leads to script execution. The CVE is associated with CVE-2022-2065 across multiple advisories (NVD, RH, CNVD, OSV, etc.). The exposed componen...