CVE-2022-4740
LOWKeking Kkfileview - XSS
Title source: ruleDescription
A vulnerability, which was classified as problematic, has been found in kkFileView. Affected by this issue is the function setWatermarkAttribute of the file /picturesPreview. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216776.
Exploits (1)
gitee
23,892 stars
by kailing · javawriteup
https://gitee.com/kekingcn/file-online-preview/issues/I674AC
Scores
CVSS v3
3.5
EPSS
0.0040
EPSS Percentile
60.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
keking/kkfileview
Published
Dec 25, 2022
Tracked Since
Feb 18, 2026