2 matches found
CVE-2022-42188
In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server...
CVE-2022-42188
CVE-2022-42188 affects Lavalite 9.0.0 where the XSRF-TOKEN cookie is vulnerable to path traversal, allowing read access to arbitrary server files. The root cause is a path traversal issue tied to the XSRF-TOKEN cookie handling. Documented impact is read access; other details such as exploit avail...