Arbitrary HTML Injection Vulnerability in BlueSpiceBookshelf Extension
CVE-2022-42001 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Cross-site Scripting (XSS) vulnerability in BlueSpiceBookshelf extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the book navigation.
Learn more about our User Device Pen Test.