CVE-2022-46181

The CVE-2022-46181 entry describes an XSS vulnerability in Gotify server prior to version 2.2.2. Authenticated users could upload .html files via the image upload functionality, enabling client‑side script execution if another user clicked a crafted link (e.g., an image path with an HTML file). T...