Security Advisory

CVE-2022-39824

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-05 02:54:02

Last updated 2024-08-03 12:07:42

Assigner mitre

State PUBLISHED

Description

Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute arbitrary JavaScript code from the server via the currentItem property of the list widget, e.g., to perform DoS attacks or achieve an information leak.

← Browse all CVEs View on cve.org ↗