CVE-2022-42991
EUVD-2022-4604027.10.2022, 14:15
A stored cross-site scripting (XSS) vulnerability in Simple Online Public Access Catalog v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Account Full Name field.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| simple_online_public_access_catalog_project | simple_online_public_access_catalog | 1.0 |
𝑥
= Vulnerable software versions