CVE-2022-24957

CVE-2022-24957

DHC Vision eQMS through 5.4.8.322 has Persistent XSS due to insufficient encoding of untrusted input/output. To exploit the vulnerability, the attacker has to create or edit a new information object and use the XSS payload as the name. Any user that opens the object’s version or history tab will be attacked.

Source: CVE-2022-24957

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다