4 matches found
kkFileView 4.0.0 - Cross-Site Scripting
kkFileView 4.0.0 contains multiple cross-site scripting vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java. id: CVE-2022-29349 info: name: kkFileView 4.0.0 - Cross-Site Scripting author: arafatansari severity: medium description: | kkFileView 4.0.0...
CVE-2022-29349
kkFileView v4.0.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...
CVE-2022-29349
kkFileView 4.0.0 is affected by CVE-2022-29349, with multiple XSS vulnerabilities exposed via the url/currentUrl parameters in /controller/OnlinePreviewController.java. The issue enables injection of script code into a victim’s browser, potentially enabling session hijacking, defacement, or leaka...
CVE-2022-29349
kkFileView v4.0.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...