2 matches found
CVE-2022-39035 Smart eVision - Stored XSS
Smart eVision has insufficient filtering for special characters in the POST Data parameter in the specific function. An unauthenticated remote attacker can inject JavaScript to perform XSS Stored Cross-Site Scripting attack...
CVE-2022-39035
CVE-2022-39035 concerns Smart eVision, where insufficient filtering of special characters in a POST Data parameter in a specific function enables an unauthenticated, remote attacker to inject JavaScript for a Stored XSS. Affected software is Smart eVision; the vulnerability stems from inadequate ...