| |
Podatność CVE-2023-38910
Publikacja: 2023-08-18
| Opis: |
CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Wiget' section and choosing our carousel widget created above, in 'Photo URL' and 'YouTube URL' plugin. |
W naszej bazie, znaleźliśmy następujące noty dla tego CVE: | Tytuł | Autor | Data |
Low |
| Daniel Gonzalez | 04.09.2023 |
Typ:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
Referencje: |
https://github.com/desencrypt/CVE/tree/main/CVE-2023 -
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English