Page 2 of 6 results (0.004 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-42188
https://notcve.org/view.php?id=CVE-2022-42188
In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. En Lavalite versión 9.0.0, la cookie XSRF-TOKEN es vulnerable a ataques de salto de ruta, permitiendo el acceso de lectura a archivos arbitrarios en el servidor • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •