VYPR
Unrated severityNVD Advisory· Published Jul 19, 2022· Updated Aug 3, 2024

CVE-2022-36303

CVE-2022-36303

Description

Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the handle_file_upload function at /web/api/v1/upload/UploadHandler.php.

Affected products

2
  • Vesta/Vestadescription
  • Outroll/Vestallm-fuzzy
    Range: =v1.0.0-5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.