Vulnerability CVE-2023-31699


Published: 2023-05-17

Description:
ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file.

See advisories in our WLB2 database:
Topic
Author
Date
Low
ChurchCRM 4.5.4 Cross Site Scripting
Rahad Chowdhury
21.05.2023

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/ChurchCRM/CRM/issues/6471

Copyright 2024, cxsecurity.com

 

Back to Top