CVE

Github Repository von syncthing

Medium CVE-2022-46165: XSS in Syncthing webUI

Syncthing is a free continuous file synchronization application. It synchronizes files between one or more peers on all major operating systems. Syncthing (prior version 1.23.5) provides a local administration panel that is served via a built-in web service that is subject to a cross-site scripting (XSS) vulnerability.

#Writeup #CVE #Syncthing #XSS #Cross-Site Scripting #Pentest #CVE-2022-46165 #Security Audit

Von Moritz Kaumanns
21. Jul. 2023