2 matches found
CVE-2023-3982 Cross-site Scripting (XSS) - Stored in omeka/omeka-s
Cross-site Scripting XSS - Stored in GitHub repository omeka/omeka-s prior to 4.0.2...
CVE-2023-3982
Omeka-S versions prior to 4.0.2 are affected by a stored XSS vulnerability in the web application (stored user input). Root cause: unsanitized input stored by the application, enabling script execution in a victim’s browser. A fix is available in 4.0.2 or later. A PoC exists on Huntr: https://www...