CVE-2023-7171 | Novel-Plus up to 4.2.0 Friendly Link FriendLinkController.java cross site scripting

A vulnerability was found in Novel-Plus up to 4.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file novel-admin/src/main/java/com/java2nb/novel/controller/FriendLinkController.java of the component Friendly Link Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2023-7171. The attack can be launched remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-7171 | Novel-Plus up to 4.2.0 Friendly Link FriendLinkController.java cross site scripting

Post correlati

CVE-2024-34424 | iePlexus Featured Content Gallery Plugin up to 3.2.0 on WordPress cross site scripting

CVE-2022-23089 | FreeBSD proc_getargv out-of-bounds

CVE-2024-25559 | Appleple A-Blog CMS up to 3.1.8 Request clickjacking

CVE-2023-41231 | Intel ACAT prior 2.0.0 default permission (intel-sa-00913)