8 matches found
CVE-2022-43140
kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...
Cross site scripting
kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...
CVE-2022-43140
kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...
CVE-2022-43140
kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...
CVE-2022-40879
kkFileView v4.1.0 is vulnerable to Cross Site Scripting XSS via the parameter 'errorMsg.'...
Cross site scripting
kkFileView v4.1.0 is vulnerable to Cross Site Scripting XSS via the parameter 'errorMsg.'...
CVE-2022-40879
kkFileView v4.1.0 is vulnerable to Cross Site Scripting XSS via the parameter 'errorMsg.'...
CVE-2022-40879
kkFileView v4.1.0 is vulnerable to Cross Site Scripting XSS via the parameter 'errorMsg.'...