CVE-2023-49782 | CollaboraOnline prior 23.5.601 Built-in CODE Server App proxy.php cross site scripting (GHSA-8xm5-pgfr-8mjr)

Inserito da Angelo Barbosa | Dic 8, 2023 | CVE

A vulnerability was found in CollaboraOnline Online and classified as problematic. This issue affects some unknown processing of the file proxy.php of the component Built-in CODE Server App. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2023-49782. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-49782 | CollaboraOnline prior 23.5.601 Built-in CODE Server App proxy.php cross site scripting (GHSA-8xm5-pgfr-8mjr)

Post correlati

CVE-2024-29135 | Tourfic Plugin up to 2.11.15 on WordPress unrestricted upload

CVE-2023-37295 | AMI MegaRAC_SPx prior 12.7/13.6 BMC heap-based overflow

CVE-2024-6949 | Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120 /pages.php path traversal

CVE-2024-10057 | RSS Feed Widget Plugin up to 2.9.9 on WordPress Shortcode rfw-youtube-videos cross site scripting