High severityNVD Advisory· Published Oct 18, 2022· Updated May 13, 2025
CVE-2022-42188
CVE-2022-42188
Description
In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Lavalite/Lavalitedescription
- ghsa-coords
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.