Vulnerabilities > Eramba > Eramba > c2.8.1

DATE CVE VULNERABILITY TITLE RISK
2022-11-14 CVE-2022-43342 Cross-site Scripting vulnerability in Eramba C2.8.1
A stored cross-site scripting (XSS) vulnerability in the Add function of Eramba GRC Software c2.8.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field.
network
low complexity
eramba CWE-79
5.4
5.4