CVE-2022-42908

Description

WEPA Print Away is vulnerable to a stored XSS. It does not properly sanitize uploaded filenames, allowing an attacker to deceive a user into uploading a document with a malicious filename, which will be included in subsequent HTTP responses, allowing a stored XSS to occur. This attack is persistent across victim sessions.

Related CPE's

Could not find any relations

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics