CVE-2023-40809
OpenCRX 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number. Root cause is improper input sanitization/validation in that field, enabling potential JavaScript injection as described by Veracode sources. CVSSv3.1 shows a base score of 6.1 (MEDIUM) with NETWORK at...