2 matches found
CVE-2022-40004
Cross Site Scripting XSS vulnerability in Things Board 3.4.1 allows remote attackers to escalate privilege via crafted URL to the Audit Log...
CVE-2022-40004
CVE-2022-40004 concerns a Cross Site Scripting (XSS) flaw in Things Board 3.4.1. Publicly documented details in the connected sources indicate that a crafted URL to the Audit Log can be used by a remote attacker to escalate privileges. The risk is described with high/severe impact in CVSS metrics...