High severity8.8NVD Advisory· Published Nov 3, 2022· Updated Jun 17, 2026
CVE-2022-42750
CVE-2022-42750
Description
CandidATS version 3.0.0 allows an external attacker to steal the cookie of arbitrary users. This is possible because the application does not correctly validate the files uploaded by the user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CandidATS/CandidATSdescription
Patches
Vulnerability mechanics
References
2- fluidattacks.com/advisories/castles/nvdExploitThird Party Advisory
- candidats.netnvdBroken LinkProduct
News mentions
0No linked articles in our index yet.