{"vulnerability": "cve-2022-30110", "sightings": [{"uuid": "8016b901-4f71-4c67-8e34-c7588c8d84bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30110", "type": "seen", "source": "https://t.me/cibsecurity/42818", "content": "\u203c CVE-2022-30110 \u203c\n\nThe file preview functionality in Jirafeau &lt; 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone visits the File Preview URL for this file, the JavaScript inside of this image/svg+xml file will be executed in the users' browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-17T18:27:46.000000Z"}]}