CVE-2022-28865
CVE-2022-28865 affects Nokia NetAct 22 via the Site Configuration Tool. A malicious user can rename an uploaded file with a JavaScript payload, which is stored and later executed by a victim’s browser. The common delivery method is placing the payload in a URL parameter exposed to victims, using ...