CVE-2022-25337
The CVE-2022-25337 entry affects Ibexa DXP ezsystems/ezpublish-kernel versions 7.5.x before 7.5.26 and 1.3.x before 1.3.12, where image filename handling allows injection attacks. The connected sources confirm the vulnerability is tied to image filename sanitization issues, enabling injection thr...