WEB APPLICATION VULNERABILITIES Standard & Premium

GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45879)

Description

GibbonEdu Gibbon version 25.0.0 allows HTML Injection via an IFRAME element to the Messager component.

Remediation

References

Related Vulnerabilities

WordPress Plugin WPML (WordPress Multilingual) Multiple Vulnerabilities (3.1.8.6)

Cherokee Improper Authentication Vulnerability (CVE-2014-4668)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-3742)

MySQL CVE-2019-2694 Vulnerability (CVE-2019-2694)

WordPress 'wp-db.php' Character Set SQL Injection Vulnerability (2.0 - 2.3.1)

Severity

Medium

Classification

CVE-2023-45879 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities