No analysis available yet.
Vendor Solution
The vulnerability has already been fixed by the WEPA security team.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-45965 | WEPA Print Away is vulnerable to a stored XSS. It does not properly sanitize uploaded filenames, allowing an attacker to deceive a user into uploading a document with a malicious filename, which will be included in subsequent HTTP responses, allowing a stored XSS to occur. This attack is persistent across victim sessions. |
Wed, 26 Mar 2025 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: INCIBE
Published:
Updated: 2025-03-26T15:55:55.790Z
Reserved: 2022-10-13T00:00:00.000Z
Link: CVE-2022-42908
Updated: 2024-08-03T13:19:05.291Z
Status : Modified
Published: 2023-02-03T19:15:12.333
Modified: 2026-06-17T05:05:34.613
Link: CVE-2022-42908
No data.
OpenCVE Enrichment
No data.
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD