Vulnerability Details CVE-2022-23766
An improper input validation vulnerability leading to arbitrary file execution was discovered in BigFileAgent. In order to cause arbitrary files to be executed, the attacker makes the victim access a web page d by them or inserts a script using XSS into a general website.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.6%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2022-23766
-
cpe:2.3:a:bigfile:bigfileagent:-
-
cpe:2.3:o:microsoft:windows:-