6 matches found
CVE-2025-1022
Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...
CVE-2025-1022
Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...
CVE-2025-1022
creationtimestamp| type| source ---|---|--- 2025-02-05 05:08:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113949546296359039 2025-02-05 05:15:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhfsvjh7k62t 2025-02-05 06:48:35+00:00| seen|...
CVE-2025-1022
Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...
CVE-2025-1022
Versions of spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html(). An attacker can bypass validation by omitting slashes in the file URI (for example, file:../../../../etc/passwd), due to missing input filtering that sh...
CVE-2025-1022
Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...