CVE-2023-43871
WBCE CMS v1.6.1 is affected by a file upload vulnerability that allows a local attacker to upload a PDF containing hidden XSS. Root cause/technical details are limited to an uploaded file not being properly sanitized, enabling XSS execution in certain contexts. No patch/version remediation is spe...