VYPR
High severity8.8NVD Advisory· Published Nov 3, 2022· Updated Jun 17, 2026

CVE-2022-42750

CVE-2022-42750

Description

CandidATS version 3.0.0 allows an external attacker to steal the cookie of arbitrary users. This is possible because the application does not correctly validate the files uploaded by the user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.