2 matches found
CVE-2022-32763
A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-32763
CVE-2022-32763 is a high-severity XSS bypass in Lansweeper 10.1.1.0, involving the SanitizeHtml function. Talos confirms a bypass of sanitization that allows arbitrary JavaScript injection via a specially crafted HTTP request. The vulnerability affects how user-provided HTML content is sanitized,...