MEDIUM 5.4 Maven
alkacon-OpenCMS vulnerable to stored Cross-site Scripting
GHSA-m44f-9jhg-59cr · CVE-2023-31544
Published · Modified
Description
A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module.
Ready to move
Start Securing
Free, no credit card | First findings in minutes