A cross-site scripting (xss) vulnerability exists in the...
Moderate severity
Unreviewed
Published
Aug 23, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
Aug 22, 2022
Published to the GitHub Advisory Database
Aug 23, 2022
Last updated
Jan 30, 2023
A cross-site scripting (xss) vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.
References