3 matches found
CVE-2023-2191 Cross-site Scripting (XSS) - Stored in azuracast/azuracast
Cross-site Scripting XSS - Stored in GitHub repository azuracast/azuracast prior to 0.18...
CVE-2023-2191
CVE-2023-2191 describes a stored XSS in AzuraCast prior to version 0.18 (specifically in the display name on the Edit Profile page). The underlying issue is insufficient filtering/escaping of user-provided data in that field, allowing a crafted payload to execute in the victim’s browser. Public d...
CVE-2023-2191 Cross-site Scripting (XSS) - Stored in azuracast/azuracast
Cross-site Scripting XSS - Stored in GitHub repository azuracast/azuracast prior to 0.18...