CVE-2022-23051

Summary

PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code while adding an 'Attack Tree' by modifying the 'svg_file' parameter.

Affected Software

VendorProductVersion RangeStatus
n/aPeTeReport0.5affected

Weaknesses

  • Stored cross-site scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References