3 matches found
CVE-2022-32771
A cross-site scripting xss vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger...
CVE-2022-32771
A cross-site scripting xss vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger...
CVE-2022-32771
WWBN AVideo 11.6 and the dev master commit 3f7c0364 are affected by a cross-site scripting (XSS) vulnerability in the footer alerts functionality driven by the 'success' parameter. The issue arises because the parameter is inserted into the page with insufficient sanitization, allowing an attacke...