Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:3 a.m.6 views

CVE-2022-43984

Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protoc...

8.2CVSS6.7AI score0.0061EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/11/25 12:0 a.m.40 views

CVE-2022-43984 Browsershot 3.57.3 - Server Side XSS to LFR via HTML

Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protoc...

8.3AI score0.0061EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/25 12:0 a.m.5 views

CVE-2022-43984 Browsershot 3.57.3 - Server Side XSS to LFR via HTML

Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protoc...

7.8AI score0.0061EPSS
Exploits1References2
CVE
CVE
added 2022/11/25 12:0 a.m.78 views

CVE-2022-43984

This CVE affects Browsershot 3.57.3. The issue arises because JS content imported from external sources passed to Browsershot::html may contain file:// URLs, and the application does not validate this, enabling an external attacker to remotely obtain arbitrary local files. Documents consistently ...

8.2CVSS8AI score0.0061EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder