2 matches found
CVE-2022-39834
A stored XSS vulnerability was discovered in adminweb/ra/viewendentity.jsp in PrimeKey EJBCA through 7.9.0.2. A low-privilege user can store JavaScript in order to exploit a higher-privilege user...
CVE-2022-39834
CVE-2022-39834 describes a stored cross-site scripting vulnerability in PrimeKey EJBCA, specifically in adminweb/ra/viewendentity.jsp, affecting versions up to 7.9.0.2. A low-privilege user can store JavaScript to be executed in the context of a higher-privilege user. The connected documents conf...