5 matches found
CVE-2023-3071
Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8...
CVE-2023-3071
Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8...
CVE-2023-3071
Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8...
CVE-2023-3071 Cross-site Scripting (XSS) - Stored in tsolucio/corebos
Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8...
CVE-2023-3071
CVE-2023-3071 corresponds to a Stored XSS in coreBOS prior to version 8. The Huntr-documented PoC targets the PickList/PickListAjax path, where tainted input in the newValues parameter can be injected to the database, with a crafted payload observed in the PoC. Other connected sources confirm the...