SeedDMS versions 6.0.18 and 5.1.25... CVE-2022-28479

3.5 AV AC AU C I A
发布: 2022-06-06
修订: 2024-11-21

SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin privileges can inject the payload inside the "Role management" menu and then trigger the payload by loading the "Users management" menu

0%
暂无可用Exp或PoC
当前有2条受影响产品信息