2 matches found
CVE-2022-34025
Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the post function at /web/api/v1/upload/UploadHandler.php...
CVE-2022-34025
CVE-2022-34025 affects Vesta Control Panel (VestaCP) v1.0.0-5. The vulnerability is a cross-site scripting (XSS) in the POST path /web/api/v1/upload/UploadHandler.php (upload function). Root cause described as an XSS in the upload handler; impact indicators from NVD show Confidentiality: Low, Int...