Created
March 21, 2022 20:52
-
-
Save garakh/e0e2fe6d6e234f0595dea6a8141568f2 to your computer and use it in GitHub Desktop.
Description of CVE-2022-25266, CVE-2022-25267, CVE-2022-25268, CVE-2022-25269
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CVE-2022-25266 | |
| Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal (to read files). | |
| After authorization with the Owner account, it will be possible to read files located outside the web directory on the server | |
| Discoverer: Positive technologies, Arian Rakhimi | |
| CVE-2022-25267 | |
| Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal (to upload files). | |
| After logging in with the Owner account, an intruder has the ability to upload arbitrary files by sending specially generated HTTP requests | |
| Discoverer: Positive technologies, Arian Rakhimi | |
| CVE-2022-25268 | |
| Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems. | |
| CSRF token value does not change during the session and can be obtained by an attacker as a result of exploitation of the "Cross-site scripting" vulnerability. | |
| Discoverer: Positive technologies, Arian Rakhimi | |
| CVE-2022-25269 | |
| Passwork On-Premise Edition before 4.6.13 has multiple XSS issues. | |
| An attacker can inject arbitrary HTML tags, including JavaScript scripts, into a page processed by a user's browser | |
| Discoverer: Positive technologies, Roman Poneev |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment