CVE-2022-34834 Information

Description

An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log.

Reference

https://www.vermeg.com/agile-reporter/ https://crashpark.weebly.com/blog/2-stored-xss-in-agilereporter-213-by-vermeg