A cross-site scripting vulnerability exists in PESCMS version V2.3.3, a content publishing platform. The vulnerability stems from App/Team/GET/Report.php missing a data validation filter for user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
pescms pescms v | eq | 2.3.3 |