mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-30 02:00:45 +00:00
861 B
861 B
CVE-2022-29851
Description
documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document.
POC
Reference
- https://packetstormsecurity.com/files/168242/OX-App-Suite-Cross-Site-Scripting-Command-Injection.html
- https://packetstormsecurity.com/files/168242/OX-App-Suite-Cross-Site-Scripting-Command-Injection.html
Github
No PoCs found on GitHub currently.