2 matches found
CVE-2022-44944
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the Add Announcement function at /index.php?module=helppages/pages&entitiesid=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...
CVE-2022-44944
CVE-2022-44944 affects Rukovoditel v3.2.1 with a stored XSS in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. A crafted payload in the Title field can execute script/HTML in a victim’s browser. Affected versions and exact path are supported by multiple connect...