CVE-2022-42188

Published October 18th, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

1

PROJECT

Description

In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.

nu11secur1ty/CVE-nu11secur1ty

GitHub

53