CVE-2022-34009
Description
Fossil 2.18 on Windows allows attackers to cause a denial of service (daemon crash) via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware.
References
Vendor Advisory
ExploitThird Party Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics