CVE-2022-42974 | Kostal PIKO 1.5-1 file.bootloader.upload.html innerHTML filename cross site scripting

Inserito da Angelo Barbosa | Giu 22, 2024 | CVE

A vulnerability was found in Kostal PIKO 1.5-1. It has been classified as problematic. Affected is the function innerHTML of the file /file.bootloader.upload.html. The manipulation of the argument filename leads to cross site scripting.

This vulnerability is traded as CVE-2022-42974. It is possible to launch the attack remotely. There is no exploit available.

CVE-2022-42974 | Kostal PIKO 1.5-1 file.bootloader.upload.html innerHTML filename cross site scripting

Post correlati

CVE-2024-21170 | Oracle MySQL Server up to 8.4.0 Connector Python denial of service

CVE-2024-21094 | Oracle Java SE Hotspot Remote Code Execution

CVE-2024-32458 | FreeRDP up to 2.11.5/3.4.x out-of-bounds (GHSA-vvr6-h646-mp4p)

CVE-2023-5131 | Delta Electronics ISPSoft 3.02.11 DVP File heap-based overflow