CVE-2023-6646 | linkding 1.23.0 q cross site scripting

A vulnerability classified as problematic has been found in linkding 1.23.0. Affected is an unknown function. The manipulation of the argument q leads to cross site scripting.

This vulnerability is traded as CVE-2023-6646. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early, responded in a very professional manner and immediately released a fixed version of the affected product.

It is recommended to upgrade the affected component.

CVE-2023-6646 | linkding 1.23.0 q cross site scripting

Post correlati

CVE-2024-24801 | LogicHunt OWL Carousel Plugin up to 1.4.0 on WordPress cross site scripting

CVE-2024-27733 | Byzro Smart S42 Management Platform userattestation.php unrestricted upload

CVE-2024-39704 | Soft Circle French-Bread Melty Blood up to 1.4.0 Service Port 46318 Privilege Escalation

CVE-2024-21881 | Enphase Envoy 4.x/5.x inadequate encryption