2 matches found
CVE-2023-38973
The CVE-2023-38973 entry describes a stored XSS in the Add Tag function of Badaso v2.9.7, triggered by crafted payload in the Title parameter. This is the confirmed vulnerability surface: web-accessible Add Tag title handling allows script/HTML execution. No exploit details are provided in the co...
CVE-2023-38973
A stored cross-site scripting XSS vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter...