Vulnerability CVE-2022-41706


Published: 2022-11-25

Description:
Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method.

 References:
https://github.com/spatie/browsershot/
https://fluidattacks.com/advisories/eminem/

Copyright 2026, cxsecurity.com

 

Back to Top