The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the upload and download functionality, which could be leveraged to escalate privileges or compromise any accounts they can coerce into observing the targeted files.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: TML
Published: 2022-10-31T20:07:42.527702Z
Updated: 2024-08-03T12:14:39.950Z
Reserved: 2022-09-08T00:00:00
Link: CVE-2022-40289
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-31T21:15:12.850
Modified: 2024-11-21T07:21:12.033
Link: CVE-2022-40289
Redhat
No data.