Lucene search
PRIOn knowledge basePRION:CVE-2022-43984HistoryNov 25, 2022 - 5:15 p.m.
Code injection
2022-11-2517:15:00
PRIOn knowledge base
www.prio-n.com
5
code injection
browsershot
remote obtain
arbitrary local files
external attacker
validate
js content
file protocol
nvd
Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protocol.
| CPE | Name | Operator | Version |
|---|---|---|---|
| browsershot | eq | 3.57.3 |
Related
veracode
veracode
Cross Site Scripting (XSS)
2022-11-28 07:53:27
cvelist
cvelist
CVE-2022-43984
2022-11-25 00:00:00
osv
osv
CVE-2022-43984
2022-11-25 17:15:10
Browsershot version 3.57.3 vulnerable to improper input validation
2022-11-25 18:30:25
cve
cve
CVE-2022-43984
2022-11-25 17:15:10
nvd
nvd
CVE-2022-43984
2022-11-25 17:15:10
github
github
Browsershot version 3.57.3 vulnerable to improper input validation
2022-11-25 18:30:25