| |
Podatność CVE-2023-25440
Publikacja: 2023-05-23
Opis: |
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field. |
W naszej bazie, znaleźliśmy następujące noty dla tego CVE: | Tytuł | Autor | Data |
Low |
| Andrea Intilange... | 20.05.2023 |
Typ:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
Referencje: |
https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html
https://civicrm.org/
|
|
|
Copyright 2024, cxsecurity.com
|
|
|