Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/12/18 11:36 p.m.5 views

CVE-2023-53906

projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers can craft a JavaScript payload in the custom assets section that will execute when other users loa...

5.1CVSS6AI score0.00257EPSS
Exploits1References1
cvelist
cvelist
added 2025/12/17 10:44 p.m.36 views

CVE-2023-53906 ProjectSend r1605 Stored Cross-Site Scripting via Custom Assets Page

projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers can craft a JavaScript payload in the custom assets section that will execute when other users loa...

5.1CVSS0.00257EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/12/17 10:44 p.m.3 views

CVE-2023-53906 ProjectSend r1605 Stored Cross-Site Scripting via Custom Assets Page

projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers can craft a JavaScript payload in the custom assets section that will execute when other users loa...

5.1CVSS5.7AI score0.00257EPSS
Exploits1References3
cve
cve
added 2025/12/17 10:44 p.m.11 views

CVE-2023-53906

CVE-2023-53906 (projectSend r1605) is a stored cross-site scripting vulnerability where authenticated administrators can inject JavaScript via the custom assets configuration page. A payload placed in the custom assets section executes when other users load the affected page, enabling persistent ...

5.1CVSS5.7AI score0.00257EPSS
Exploits1References3Affected Software1
osv
osv
added 2025/12/17 10:44 p.m.8 views

CVE-2023-53906 ProjectSend r1605 Stored Cross-Site Scripting via Custom Assets Page

projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers can craft a JavaScript payload in the custom assets section that will execute when other users loa...

5.1CVSS5.9AI score0.00257EPSS
Exploits1References5
Rows per page
Query Builder