4 matches found
CVE-2023-25347
A stored cross-site scripting XSS vulnerability in ChurchCRM 4.5.3, allows remote attackers to inject arbitrary web script or HTML via input fields. These input fields are located in the "Title" Input Field in EventEditor.php...
CVE-2023-25347
A stored cross-site scripting XSS vulnerability in ChurchCRM 4.5.3, allows remote attackers to inject arbitrary web script or HTML via input fields. These input fields are located in the "Title" Input Field in EventEditor.php...
CVE-2023-25347
CVE-2023-25347 describes a stored cross-site scripting (XSS) vulnerability affecting ChurchCRM 4.5.3. The issue arises from input fields in the EventEditor.php code, specifically the Title input field, allowing remote attackers to inject arbitrary web script or HTML. The NVD/Red Hat and related e...
CVE-2023-25347
A stored cross-site scripting XSS vulnerability in ChurchCRM 4.5.3, allows remote attackers to inject arbitrary web script or HTML via input fields. These input fields are located in the "Title" Input Field in EventEditor.php...