1modm/petereport

1modm/petereport

1modm.github.io

Releases0

Stars502

PeTeReport is an open-source application vulnerability reporting tool.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-25220 ↗	Mar 3, 2022Thursday, 3 March 2022, 22:15	4.8 MEDIUM	3.5 LOW
PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code inside the markdown descriptions while creating a product, report or finding.
CVE-2022-23051 ↗	Mar 3, 2022Thursday, 3 March 2022, 22:15	5.4 MEDIUM	3.5 LOW
PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code while adding an 'Attack Tree' by modifying the 'svg_file' parameter.
CVE-2022-23052 ↗	Mar 3, 2022Thursday, 3 March 2022, 22:15	6.5 MEDIUM	4.3 MEDIUM
PeteReport Version 0.5 contains a Cross Site Request Forgery (CSRF) vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application.