CVE-2022-30360

OvalEdge 5.2.8.0 and earlier is affected by multiple Stored XSS AKA Persistent or Type II vulnerabilities via a POST request to /profile/updateProfile via the slackid or phone parameters. Authentication is required...

CVE-2022-30360

OvalEdge 5.2.8.0 and earlier is affected by multiple Stored XSS AKA Persistent or Type II vulnerabilities via a POST request to /profile/updateProfile via the slackid or phone parameters. Authentication is required...

OvalEdge 安全漏洞

OvalEdge is a solution from US-based OvalEdge that helps users create, manage and use data from a variety of sources through AI and human intelligence. A security vulnerability exists in OvalEdge version 5.2.8.0 and earlier, which stems from a POST request to /profile/updateProfile via the slacki...

PT-2024-11558 · Ovaledge · Ovaledge

Name of the Vulnerable Software and Affected Versions: OvalEdge versions 5.2.8.0 and earlier Description: The issue is related to multiple Stored XSS also known as Persistent or Type II vulnerabilities. These vulnerabilities can be exploited via a POST request to the "/profile/updateProfile" API...

CVE-2022-30360

OvalEdge 5.2.8.0 and earlier is affected by multiple Stored XSS AKA Persistent or Type II vulnerabilities via a POST request to /profile/updateProfile via the slackid or phone parameters. Authentication is required...

CVE-2022-30360

CVE-2022-30360 affects OvalEdge 5.2.8.0 and earlier. The vulnerability is described as multiple Stored XSS (Persistent/Type II) issues that can be triggered via a POST to the endpoint /profile/updateProfile using the slackid or phone parameters; authentication is required. The connected Red Hat/C...