2 matches found
CVE-2023-42431
Cross-site Scripting XSS vulnerability in BlueSpiceAvatars extension of BlueSpice allows logged in user to inject arbitrary HTML into the profile image dialog on Special:Preferences. This only applies to the genuine user context...
BlueSpice Security Vulnerabilities
BlueSpice is free Wiki software from BlueSpice based on the MediaWiki engine. A security vulnerability exists in BlueSpice, which stems from a cross-site scripting XSS vulnerability in the BlueSpiceAvatars extension. The vulnerability can be exploited to inject arbitrary HTML code into the profil...