jieven

1 exploit Active since Mar 2022
CVE-2022-26555 GITEE MEDIUM java
Eova 1.6.0 - Stored Cross-Site Scripting via Button Name Text Box
A stored cross-site scripting (XSS) vulnerability in the Add a Button function of Eova v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the button name text box.
3,391 stars
CVSS 5.4