CVE-2022-35739 - Arbitrary CSS Injection in PRTG Network Monitor—What You Need to Know
CVE ID: CVE-2022-35739
Product: PRTG Network Monitor
Version Affected: Up to 22.2.77.2204
Severity: Medium
Exploitability: Local Access (Authenticated User)
Introduction
In 2022,