2 matches found
Rocket.Chat: Reflected Cross-Site Scripting(CVE-2022-32770 )
Vulnerability description not provided...
CVE-2022-32770
WWBN AVideo 11.6 and dev master commit 3f7c0364 are affected by a footer alerts XSS (CVE-2022-32770) due to insufficient sanitization of the toast parameter. The vulnerability allows arbitrary JavaScript execution in an authenticated user context by crafting HTTP requests; PoCs show vector usage ...