Lucene search
China National Vulnerability DatabaseCNVD-2023-41501HistoryMay 20, 2023 - 12:00 a.m.
LavaLite Cross-Site Scripting Vulnerability (CNVD-2023-41501)
2023-05-2000:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
lavalite
cross-site scripting
vulnerability
content management system
version 9.0.0
user-supplied data
web script
html
injection
EPSS
0.001
Percentile
23.5%
LavaLite is an open source lightweight content management system (CMS). A cross-site scripting vulnerability exists in LavaLite version v9.0.0, which stems from the lack of effective filtering and escaping of user-supplied data by the account name, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload.
Related
osv
osv
CVE-2023-30124
2023-05-18 01:15:09
LavaLite vulnerable to Cross Site Scripting
2023-05-18 03:30:20
cvelist
cvelist
CVE-2023-30124
2023-05-18 00:00:00
nvd
nvd
CVE-2023-30124
2023-05-18 01:15:09
github
github
LavaLite vulnerable to Cross Site Scripting
2023-05-18 03:30:20
prion
prion
Cross site scripting
2023-05-18 01:15:00
cve
cve
CVE-2023-30124
2023-05-18 01:15:09