CVE-2022-39834

Description

A stored XSS vulnerability was discovered in adminweb/ra/viewendentity.jsp in PrimeKey EJBCA through 7.9.0.2. A low-privilege user can store JavaScript in order to exploit a higher-privilege user.

Related CPE's

References

https://support.keyfactor.com/s/detail/a6x1Q000000CwCoQAK

CvssV3 impact

CvssV2 impact