2 matches found
CVE-2023-0301 Cross-site Scripting (XSS) - Stored in alfio-event/alf.io
Cross-site Scripting XSS - Stored in GitHub repository alfio-event/alf.io prior to Alf.io 2.0-M4-2301...
CVE-2023-0301
CVE-2023-0301 describes a stored Cross-site Scripting (XSS) vulnerability in the Alf.io event/markdown feature, reported to affect Alf.io versions prior to 2.0-M4-2301. The issue arises from user-supplied content in the GitHub repository alfio-event/alf.io, allowing an attacker to inject scripts ...