2 matches found
CVE-2023-51252
PublicCMS 4.0 is vulnerable to Cross Site Scripting XSS. Because files can be uploaded and online preview function is provided, pdf files and html files containing malicious code are uploaded, an XSS popup window is realized through online viewing...
CVE-2023-51252
PublicCMS 4.0 is affected by an XSS vulnerability in the Online Preview component. The issue arises from inadequate protection of the web page structure when uploaded files (PDF/HTML) are viewed online, enabling an XSS popup. Root cause: lack of proper input handling in the Online Preview feature...