3 matches found
CVE-2023-27059
ChurchCRM v4.5.3 is affected by a cross-site scripting (XSS) vulnerability in the Edit Group function, where an attacker can inject arbitrary scripts or HTML via the Edit Group Name field. The issue affects the Edit Group Name input and is supported by multiple sources in the Connected documents,...
CVE-2023-27059
A cross-site scripting XSS vulnerability in the Edit Group function of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Group Name text field...
CVE-2023-27059
A cross-site scripting XSS vulnerability in the Edit Group function of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Group Name text field...