6 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-2514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the paramete...
CVE-2022-2514
The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...
CVE-2022-2514
The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...
CVE-2022-2514
The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...
CVE-2022-2514
CVE-2022-2514 affects Fava (beancount) prior to v1.22, with a reflected XSS due to failure to escape error messages that echoed the time and filter parameters. This is a cross-site scripting vulnerability in the beancount/fava stack that can expose user data via crafted input. A GitHub commit ca9...
CVE-2022-2514 Cross-site Scripting (XSS) - Reflected in beancount/fava
The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...