Michael Bromley
3 exploits
Active since May 2022
Vendure asset-server-plugin < 2.3.3 and 3.0.0-3.0.5 - Path Traversal and Denial of Service via Malformed URI
CVSS 9.1
Vendure asset-server-plugin < 2.3.3 and 3.0.0-3.0.5 - Path Traversal and Denial of Service via Malformed URI
CVSS 9.1
Vendure 0.1.0-alpha.2-1.5.1 - Stored Cross-Site Scripting via SVG File Upload
CVSS 5.4