Security Advisory

CVE-2022-23068

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-18 11:45:15

Last updated 2024-09-17 03:18:50

Assigner Mend

State PUBLISHED

Description

ToolJet versions v0.6.0 to v1.10.2 are vulnerable to HTML injection where an attacker can inject malicious code inside the first name and last name field while inviting a new user which will be reflected in the invitational e-mail.

← Browse all CVEs View on cve.org ↗