CVE-2022-22701

Published January 10th, 2022

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files.

partkeepr/PartKeepr

Open Source Inventory Management

GitHub

1.53K