2 matches found
CVE-2023-5556 Cross-site Scripting (XSS) - Reflected in structurizr/onpremises
Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194...
CVE-2023-5556
CVE-2023-5556 corresponds to a reflected Cross-Site Scripting (XSS) in Structurizr on-premises prior to 3194. The vulnerability is triggered via the version parameter in workspace URLs (e.g., GET /workspace/[workspaceid]?version=...). The issue allows an attacker to inject JavaScript in authentic...