2 matches found
CVE-2022-42991
A stored cross-site scripting XSS vulnerability in Simple Online Public Access Catalog v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Account Full Name field...
CVE-2022-42991
CVE-2022-42991 is a stored XSS vulnerability in Simple Online Public Access Catalog v1.0, exploitable by injecting a crafted payload into the Edit Account Full Name field. The issue allows execution of arbitrary scripts/HTML in the victim’s browser and is constrained by user interaction (UI:R) wi...