CVEs-PoC/2022/CVE-2022-2514.md at 8e2ebbf9bd04edab52d0cbcbc6c2f6e2cfdaa67d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-12 09:21:42 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

790 B

Raw Blame History

CVE-2022-2514

Description

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim.

POC

Reference

https://huntr.dev/bounties/dbf77139-4384-4dc5-9994-45a5e0747429

Github

No PoCs found on GitHub currently.

790 B Raw Blame History

CVE-2022-2514

Description

POC

Reference

Github

790 B

Raw Blame History