WEPA Print Away is vulnerable to a... CVE-2022-42908

- AV AC AU C I A
发布: 2023-02-03
修订: 2024-11-21

WEPA Print Away is vulnerable to a stored XSS. It does not properly sanitize uploaded filenames, allowing an attacker to deceive a user into uploading a document with a malicious filename, which will be included in subsequent HTTP responses, allowing a stored XSS to occur. This attack is persistent across victim sessions.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息