Lucene search
Veracode Vulnerability DatabaseVERACODE:35661HistoryMay 24, 2022 - 3:08 a.m.
Cross-site Scripting (XSS)
2022-05-2403:08:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
cross-site scripting xss
stored cross-site scripting
input validation
arbitrary javascript
publify software
EPSS
0.001
Percentile
21.4%
publify is vulnerable to stored cross-site scripting attacks. The vulnerability exists in the resource_uploader.rb due to lack of input validation which allows an attacker to inject and execute arbitrary javascript.
Related
osv
osv
CVE-2022-1811
2022-05-23 16:16:06
Publify vulnerable to cross site scripting
2022-05-24 00:01:35
BIT-publify-2022-1811
2024-03-06 11:03:21
huntr
huntr
Bypass Restriction and File Upload Leads to XSS Stored - TXT to HTML
2022-05-19 23:52:38
rubygems
rubygems
Cross site scripting in publify
2022-05-23 21:00:00
cve
cve
CVE-2022-1811
2022-05-23 16:16:06
github
github
Publify vulnerable to cross site scripting
2022-05-24 00:01:35
cvelist
cvelist
cnvd
cnvd
Publify arbitrary file upload vulnerability
2022-05-25 00:00:00
nvd
nvd
CVE-2022-1811
2022-05-23 16:16:06
prion
prion
Unrestricted file upload
2022-05-23 16:16:00