Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-38911

Disclosure Date: August 18, 2023 (last updated October 08, 2023)
A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Gallery parameter in the YouTube URL fields.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0