1 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVE-2022-21948 – paste: XSS on the image upload function
https://notcve.org/view.php?id=CVE-2022-21948
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in paste allows remote attackers to place Javascript into SVG files. This issue affects: openSUSE paste paste version b57b9f87e303a3db9465776e657378e96845493b and prior versions. • https://bugzilla.suse.com/show_bug.cgi?id=1197930 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •