Description
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number.
Remediation
References
https://www.esecforte.com/cve-2023-40809-html-injection-search/
Related Vulnerabilities
CVE-2014-6394 Vulnerability in npm package send
CVE-2022-29214 Vulnerability in npm package next-auth
CVE-2020-15096 Vulnerability in maven package org.webjars.npm:electron
CVE-2022-24728 Vulnerability in npm package ckeditor4
CVE-2011-0013 Vulnerability in maven package org.apache.tomcat:tomcat-catalina