Lucene search
Veracode Vulnerability DatabaseVERACODE:35574HistoryMay 17, 2022 - 10:09 a.m.
Arbitrary Code Injection
2022-05-1710:09:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
publify_core
arbitrary code injection
html_postprocess
feedback.rb
database vulnerability
user comments
EPSS
0.001
Percentile
36.3%
publify_core is vulnerable to arbitrary code injection. The vulnerability exists in html_postprocess in feedback.rb because the application doesn’t filter the user comments which allows an attacker to inject html codes in the database.
Related
osv
osv
CVE-2022-0578
2022-05-16 15:15:08
BIT-publify-2022-0578
2024-03-06 11:03:54
Publify vulnerable to code injection
2022-05-17 00:01:25
nvd
nvd
CVE-2022-0578
2022-05-16 15:15:08
cve
cve
CVE-2022-0578
2022-05-16 15:15:08
prion
prion
Code injection
2022-05-16 15:15:00
cvelist
cvelist
CVE-2022-0578 Code Injection in publify/publify
2022-05-16 14:31:45
huntr
huntr
Code Injection in publify/publify
2022-02-11 03:44:11
rubygems
rubygems
Code injection in publify
2022-05-16 21:00:00
github
github
Publify vulnerable to code injection
2022-05-17 00:01:25