Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:58 a.m.16 views

CVE-2022-25847

All versions of the package serve-lite are vulnerable to Cross-site Scripting XSS because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding...

6.1CVSS6AI score0.00582EPSS
Exploits1References1
NVD
NVD
added 2023/01/26 9:15 p.m.34 views

CVE-2022-25847

All versions of the package serve-lite are vulnerable to Cross-site Scripting XSS because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding...

6.1CVSS5.5AI score0.00582EPSS
Exploits1References2
CVE
CVE
added 2023/01/25 5:0 a.m.44 views

CVE-2022-25847

CVE-2022-25847 affects the serve-lite package. The root cause is that when a request targets a directory, the server renders a file listing with links that include actual file names without sanitization or output encoding, enabling Cross-site Scripting (XSS) via crafted filenames. Affected: all v...

6.1CVSS5.9AI score0.00582EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/25 5:0 a.m.9 views

CVE-2022-25847

All versions of the package serve-lite are vulnerable to Cross-site Scripting XSS because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding...

5.4CVSS6.2AI score0.00582EPSS
Exploits1References2
Rows per page
Query Builder