3 matches found
CVE-2022-41706
Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method...
CVE-2022-41706 Browsershot 3.57.2 - Server Side XSS to LFR via URL
Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method...
CVE-2022-41706
CVE-2022-41706 affects Browsershot version 3.57.2, where the URL protocol passed to Browsershot::url is not validated. This allows an external attacker to remotely obtain arbitrary local files. The available documents describe the vulnerability and impact (remote local file access) but do not pro...