Vulnerabilities > Petereport Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-03	CVE-2022-23051	Cross-site Scripting vulnerability in Petereport Project Petereport 0.5 PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code while adding an 'Attack Tree' by modifying the 'svg_file' parameter. network low complexity petereport-project CWE-79	5.4
2022-03-03	CVE-2022-23052	Cross-Site Request Forgery (CSRF) vulnerability in Petereport Project Petereport 0.5 PeteReport Version 0.5 contains a Cross Site Request Forgery (CSRF) vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application. network low complexity petereport-project CWE-352	6.5
2022-03-03	CVE-2022-25220	Cross-site Scripting vulnerability in Petereport Project Petereport 0.5 PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code inside the markdown descriptions while creating a product, report or finding. network low complexity petereport-project CWE-79	4.8

Vulnerabilities > Petereport Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Petereport Project"}]}