CVE-2022-43263
- Reference to the description:
- Description:
- A cross-site scripting (XSS) vulnerability in Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file.
- Last updated date:
- 11/16/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/16/2022
- Reference url to background
https://www.pizzapower.me/2022/10/11/guitar-pro-directory-traversal-and-filename-xss/