Vulnerabilities > CVE-2022-27176 - Unspecified vulnerability in Jscom products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

jscom

NVD

Published: 2022-06-14

Updated: 2024-11-21

Summary

Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions (when using 'File Sanitization Option'), and RevoWorks Desktop 2.1.84 and prior versions (when using 'File Sanitization Option'), which may allow an attacker to execute a malicious macro by having a user to download, import, and open a specially crafted file in the local environment.

Vulnerable Configurations

Part	Description	Count
Application	Jscom Jscom Revoworks Scvx - Jscom Revoworks Scvx 1.0.43 Jscom Revoworks Desktop - Jscom Revoworks Desktop 2.1.84 Jscom Revoworks Browser - Jscom Revoworks Browser 2.1.197 Jscom Revoworks Browser 2.1.230 Jscom Revoworks Browser 2.2.67	8

Summary

Vulnerable Configurations

References