2 matches found
CVE-2022-2495
Microweber (GitHub: microweber/microweber) is affected by a stored Cross-site Scripting (XSS) vulnerability arising in versions prior to 1.2.21. The issue stems from how SVG uploads are handled, allowing stored XSS when users upload SVG files. Multiple sources (CVE-2022-2495 records, CNVD-2022-54...
CVE-2022-2495 Cross-site Scripting (XSS) - Stored in microweber/microweber
Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 1.2.21...