CVE-2023-43340
Evolution CMS 3.2.3 is affected by a Cross-site Scripting (XSS) vulnerability that allows a local attacker to execute arbitrary code by injecting a crafted payload into the parameters: cmsadmin, cmsadminemail, cmspassword, and cmspasswordconfim. Multiple sources (including Red Hat, Veracode, GHSA...