cve/CVE-2022-41343.md at 43553e9af13bbdba84028635c21659dede3160a7

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

883 B

Raw Blame History

CVE-2022-41343

Description

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.

POC

Reference

https://tantosec.com/blog/cve-2022-41343/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Amodio/h5p_quiz
https://github.com/BKreisel/CVE-2022-41343
https://github.com/BKreisel/CVE-2022-46169
https://github.com/fardeen-ahmed/Bug-bounty-Writeups
https://github.com/nomi-sec/PoC-in-GitHub

883 B Raw Blame History

CVE-2022-41343

Description

POC

Reference

Github

883 B

Raw Blame History