2 matches found
PT-2023-14299 · Gx · Xperiencentral
Name of the Vulnerable Software and Affected Versions: GX Software XperienCentral versions 10.29.1 through 10.33.0 Description: The issue allows for cross site scripting attacks XSS due to the Content Security Policy CSP header using eval in the script-src, which is associated with Interactive...
GX Software XperienCentral 跨站请求伪造漏洞
GX Software XperienCentral is a CMS from GX Software. A security vulnerability exists in GX Software XperienCentral versions 10.31.0 through 10.33.0, which stems from a cross-site request forgery CSRF vulnerability that allows an attacker to infer a token value using the names of all input fields...