CVE-2022-46934

kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...

Cross site scripting

kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...

kkFileView 跨站脚本漏洞

Keking kkFileView is a Spring-Boot project to build online preview of documents by Keking Technology Keking. A security vulnerability exists in kkFileView v4.1.0, which stems from the /controller/OnlinePreviewController.java component's manipulation of the url parameter allowing an attacker to...

CVE-2022-46934

kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...

EUVD-2022-49713

kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...

CVE-2022-46934

kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...

CVE-2022-46934

kkFileView 4.1.0 is vulnerable to a Cross-Site Scripting (XSS) flaw in the url parameter of /controller/OnlinePreviewController.java. An attacker can inject arbitrary script into the victim’s browser, potentially stealing cookies or influencing page behavior. This aligns with multiple public repo...

kkFileView cross-site scripting vulnerability (CNVD-2023-00013)

kkFileView is China's Keking Technology Keking company's a Spring-Boot to create a file document online preview project . A cross-site scripting vulnerability exists in kkFileView, which stems from the setWatermarkAttribute function in the /picturesPreview file that allows an attacker to implemen...

CVE-2022-4740

A vulnerability, which was classified as problematic, has been found in kkFileView. Affected by this issue is the function setWatermarkAttribute of the file /picturesPreview. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...

CVE-2022-4740

A vulnerability, which was classified as problematic, has been found in kkFileView. Affected by this issue is the function setWatermarkAttribute of the file /picturesPreview. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in kkFileView. Affected by this issue is the function setWatermarkAttribute of the file /picturesPreview. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...

CVE-2022-4740

CVE-2022-4740 affects kkFileView, specifically the function setWatermarkAttribute in /picturesPreview. The vulnerability enables cross-site scripting and may be exploitable remotely; multiple sources state the exploit has been disclosed publicly. Affected versions are not consistently specified a...

CVE-2022-4740 kkFileView picturesPreview setWatermarkAttribute cross site scripting

A vulnerability, which was classified as problematic, has been found in kkFileView. Affected by this issue is the function setWatermarkAttribute of the file /picturesPreview. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...

kkFileView 跨站脚本漏洞

kkFileView is China's Keking Technology Keking company's a Spring-Boot to create a file document online preview project . A cross-site scripting vulnerability exists in kkFileView, which stems from the setWatermarkAttribute function in the /picturesPreview file that allows an attacker to implemen...

PT-2022-28055 · Unknown · Kkfileview

Name of the Vulnerable Software and Affected Versions: kkFileView affected versions not specified Description: A problematic issue has been found in kkFileView, affecting the setWatermarkAttribute function of the file /picturesPreview. This issue leads to cross-site scripting and can be launched...

CVE-2022-43140

kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...

CVE-2022-43140

kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...

CVE-2022-43140

kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...

kkFileView 代码问题漏洞

Keking kkFileView is China's Keking Technology Keking company's Spring-Boot to build a file document online preview project . A security vulnerability exists in kkFileView v4.1.0, which stems from the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile containing server-side...

CVE-2022-43140

kkFileView 4.1.0 is vulnerable to a Server-Side Request Forgery (SSRF) in cn.keking.web.controller.OnlinePreviewController#getCorsFile. By injecting crafted URLs into the url parameter, an attacker can force the application to make arbitrary outbound requests, potentially exposing internal resour...