CVE-2023-52257

LogoBee 0.2 allows updates.php?id= XSS...

CVE-2023-52257

LogoBee 0.2 allows updates.php?id= XSS...

Cross site scripting

LogoBee 0.2 allows updates.php?id= XSS...

LogoBee Cross-Site Scripting Vulnerability

LogoBee is a logo creation software from LogoBee Inc. in the United States. A cross-site scripting vulnerability exists in LogoBee version 0.2, which stems from the use of a special load that can lead to cross-site scripting...

CVE-2023-52257

CVE-2023-52257 affects LogoBee 0.2 with a cross‑site scripting vulnerability in the updates.php?id= endpoint. The root cause is unsafe handling of the id parameter, enabling injected scripts to run in the application's context. Impact: XSS that can affect users interacting with the update interfa...

PT-2023-31944 · Logobee · Logobee

Name of the Vulnerable Software and Affected Versions: LogoBee version 0.2 Description: The issue allows for XSS in the updates.php?id= endpoint. Recommendations: For LogoBee version 0.2, as a temporary workaround, consider restricting access to the "updates.php?id=" endpoint until a patch is...

CVE-2023-52257

LogoBee 0.2 allows updates.php?id= XSS...

LogoBee CMS 0.2 Cross Site Scripting

==================================================================================================================================== | Title : LogoBee CMS v0.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...