| |
Vulnerability CVE-2023-38910
Published: 2023-08-18
| Description: |
CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Wiget' section and choosing our carousel widget created above, in 'Photo URL' and 'YouTube URL' plugin. |
See advisories in our WLB2 database: | Topic | Author | Date |
Low |
| Daniel Gonzalez | 04.09.2023 |
Type:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
References: |
https://github.com/desencrypt/CVE/tree/main/CVE-2023 -
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
