2 matches found
CVE-2023-49974
A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customersupport/index.php?page=customerlist...
CVE-2023-49974
CVE-2023-49974 concerns a cross-site scripting (XSS) vulnerability in the proprietary product Customer Support System v1 . The issue arises from insufficient input filtering/escaping, enabling an attacker to inject arbitrary web scripts or HTML via the crafted payload placed in the contact parame...