PT-2023-15227 · Generex · Generex Cs141

Published: 2023-09-28 · Updated: 2023-10-02 · CVE-2022-47187

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Generex CS141 versions prior to 2.06

Description

The issue is a file upload XSS vulnerability. The web application allows file uploads and accepts files with HTML content. Because HTML files are allowed, an XSS payload can be injected into an uploaded file.

Recommendations

Update to version 2.06 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to prevent exploitation until the patch is applied. Avoid allowing HTML files to be uploaded to minimize the risk of XSS payload injection.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2022-47187

Affected Products

Generex Cs141