CVE-2022-23068

Published: 2022-05-18T14:15Z

Last Modified: 2024-11-21T06:47Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

ToolJet versions v0.6.0 to v1.10.2 are vulnerable to HTML injection where an attacker can inject malicious code inside the first name and last name field while inviting a new user which will be reflected in the invitational e-mail. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt