CVE-2022-39025
- EPSS 0.4%
- Veröffentlicht 31.10.2022 07:15:10
- Zuletzt bearbeitet 21.11.2024 07:17:24
U-Office Force PrintMessage function has insufficient filtering for special characters. An unauthenticated remote attacker can exploit this vulnerability to inject JavaScript and perform XSS (Reflected Cross-Site Scripting) attack.
CVE-2022-39026
- EPSS 0.15%
- Veröffentlicht 31.10.2022 07:15:10
- Zuletzt bearbeitet 21.11.2024 07:17:24
U-Office Force UserDefault page has insufficient filtering for special characters in the HTTP header fields. A remote attacker with general user privilege can exploit this vulnerability to inject JavaScript and perform XSS (Stored Cross-Site Scriptin...
CVE-2022-39027
- EPSS 0.17%
- Veröffentlicht 31.10.2022 07:15:10
- Zuletzt bearbeitet 21.11.2024 07:17:24
U-Office Force Forum function has insufficient filtering for special characters. A remote attacker with general user privilege can inject JavaScript and perform XSS (Stored Cross-Site Scripting) attack.
CVE-2022-39021
- EPSS 0.26%
- Veröffentlicht 31.10.2022 07:15:09
- Zuletzt bearbeitet 21.11.2024 07:17:23
U-Office Force login function has an Open Redirect vulnerability. An unauthenticated remote attacker can exploit this vulnerability to redirect user to arbitrary website.