3 matches found
CVE-2023-26847
A stored cross-site scripting XSS vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates...
CVE-2023-26847
OpenCATS v0.9.7 is affected by a stored XSS vulnerability. The issue arises from untrusted input in the state parameter of opencats/index.php?m=candidates, allowing attackers to inject and execute arbitrary web scripts/HTML when the payload is processed. Affected component: OpenCATS web applicati...
CVE-2023-26847
A stored cross-site scripting XSS vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates...