PT-2022-24834 · Mygraph · Mygraph

Vry3N

Published

2022-09-24

Updated

2022-09-26

CVE-2022-39240

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions MyGraph versions prior to 1.0.4

Description MyGraph is a permission management system that is affected by a storage XSS vulnerability, which can lead to Remote Code Execution.

Recommendations For versions prior to 1.0.4, update to version 1.0.4 to resolve the issue. At the moment, there is no known workaround for this issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-80CWE-79

Related Identifiers

CVE-2022-39240

GHSA-HJ4J-923H-927J

Affected Products

Mygraph

PT-2022-24834 · Mygraph · Mygraph

CVE-2022-39240

Weakness Enumeration

Related Identifiers

Affected Products

References · 5