← Back to CVE List
CVE-2022-4105
A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack (clickjacking) and an HTML injection which disables the use of the history page.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt