cve/CVE-2022-42948.md at 43553e9af13bbdba84028635c21659dede3160a7

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

723 B

Raw Blame History

CVE-2022-42948

Description

Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.

POC

Reference

https://www.cobaltstrike.com/blog/

Github

https://github.com/Ostorlab/KEV
https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

723 B Raw Blame History

CVE-2022-42948

Description

POC

Reference

Github

723 B

Raw Blame History