Vulnerabilities > Csaf Provider Project

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-43996 Cross-site Scripting vulnerability in Csaf Provider Project Csaf Provider
The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html.
network
low complexity
csaf-provider-project CWE-79
5.4