CVE-2022-0900
DivvyDrive is affected by a stored XSS in its aciklama parameter for versions prior to 4.6.2.0. The issue stems from improper neutralization of input during web page generation, enabling an attacker to execute JavaScript in a victim’s browser and potentially access session information. Remediatio...