Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-31544

Disclosure Date: May 16, 2023 (last updated October 08, 2023)
A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0