petereport_project CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

petereport_project vulnerability overview

Aggregates CVE and security vulnerability intelligence across all petereport_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Disclosed issues often relate to vendor risk cross-site scripting and vendor risk csrf; exposure may include vendor impact session compromise in vendor surface production workloads contexts.

Vulnerability distribution trend (last 24 months)

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2022-25220 PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code inside the markdown descriptions while creating a product, report or finding. [email protected] 4.8 0.55% 2022-03-03 2026-06-17
CVE-2022-23052 PeteReport Version 0.5 contains a Cross Site Request Forgery (CSRF) vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application. [email protected] 6.5 0.44% 2022-03-03 2026-06-17
CVE-2022-23051 PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code while adding an 'Attack Tree' by modifying the 'svg_file' parameter. [email protected] 5.4 0.52% 2022-03-03 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence