CVE-2022-33009

2022-06-2722:28:25

mitre

www.cve.org

stored xss

lightcms v1.3.11

arbitrary web scripts

crafted pdf file

EPSS

0.001

Percentile

26.4%

JSON

A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file.

References

lightcms.com

github.com/eddy8/LightCMS

github.com/eddy8/LightCMS/issues/30

EPSS

0.001

Percentile

26.4%

JSON

Related for CVELIST:CVE-2022-33009