2 matches found
CVE-2022-36305
Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the body function at /web/api/v1/upload/UploadHandler.php...
CVE-2022-36305
Affected software: Vesta Control Panel (VestaCP) version v1.0.0-5. The issue is a cross-site scripting (XSS) vulnerability in the body function of UploadHandler.php (path: /web/api/v1/upload/UploadHandler.php). Root cause: improper handling of input in the UploadHandler, enabling XSS. Impact: pot...