VYPR

DocumentService

by Sofer

CVEs (1)

  • CVE-2023-5118MedJan 11, 2024
    risk 0.35cvss 5.4epss 0.00

    The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated. This allows for the…