Lucene search
+L

4 matches found

nvd
nvd
added 2023/02/07 11:15 a.m.23 views

CVE-2022-21948

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in paste allows remote attackers to place Javascript into SVG files. This issue affects: openSUSE paste paste version b57b9f87e303a3db9465776e657378e96845493b and prior versions...

6.1CVSS5AI score0.00514EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2023/02/07 12:0 a.m.9 views

CVE-2022-21948 paste: XSS on the image upload function

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in paste allows remote attackers to place Javascript into SVG files. This issue affects: openSUSE paste paste version b57b9f87e303a3db9465776e657378e96845493b and prior versions...

4.3CVSS7.2AI score0.00514EPSS
Exploits1References1
cve
cve
added 2023/02/07 12:0 a.m.62 views

CVE-2022-21948

The CVE-2022-21948 issue is an XSS vulnerability in openSUSE paste’s image upload handling, caused by improper input neutralization during SVG processing. Affected: paste versions prior to b57b9f87e303a3db9465776e657378e96845493b. Impact: remote attacker can inject Javascript into SVG files. Expl...

6.1CVSS5.3AI score0.00514EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2023/02/07 12:0 a.m.33 views

CVE-2022-21948 paste: XSS on the image upload function

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in paste allows remote attackers to place Javascript into SVG files. This issue affects: openSUSE paste paste version b57b9f87e303a3db9465776e657378e96845493b and prior versions...

4.3CVSS6.5AI score0.00514EPSS
Exploits1References1
Rows per page
Query Builder