Lucene search
Veracode Vulnerability DatabaseVERACODE:40290HistoryApr 26, 2023 - 7:17 a.m.
Stored Cross-site Scripting (XSS)
2023-04-2607:17:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
azuracast
software
vulnerability
main.phtml
stored cross-site scripting
xss
attack
EPSS
0.001
Percentile
34.5%
azuracast/azuracast is vulnerable to Stored Cross-site Scripting (XSS). The vulnerability exists in main.phtml because the user display name in the menu is not properly escaped before being rendered, allowing an attacker to inject and execute malicious JavaScript through the display name.
Related
huntr
huntr
Stored XSS
2023-04-18 20:43:58
nvd
nvd
CVE-2023-2191
2023-04-20 02:15:06
osv
osv
AzuraCast/AzuraCast vulnerable to cross-site scripting
2023-04-20 03:30:16
CVE-2023-2191
2023-04-20 02:15:06
cvelist
cvelist
CVE-2023-2191 Cross-site Scripting (XSS) - Stored in azuracast/azuracast
2023-04-20 00:00:00
github
github
AzuraCast/AzuraCast vulnerable to cross-site scripting
2023-04-20 03:30:16
cve
cve
CVE-2023-2191
2023-04-20 02:15:06
veracode
veracode
Cross-Site Scripting (XSS)
2023-05-03 08:07:45
prion
prion
Cross site scripting
2023-04-20 02:15:00