CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jirafeau: >> Jirafeau >> 3.4.1 Security Vulnerabilities

CVE-2022-30110

The file preview functionality in Jirafeau < 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone visits the File Preview URL for this file, the JavaScript inside of this image/svg+xml file will be executed in the users' browser.

CVSS Score

6.1

EPSS Score

0.001

Published

2022-05-17

Page 1

Vulnerabilities

Vulnerable Software

Jirafeau: >> Jirafeau >> 3.4.1 Security Vulnerabilities

Products

Pricing

Contact Us