CVE-2023-7171 | Novel-Plus up to 4.2.0 Friendly Link FriendLinkController.java cross site scripting

A vulnerability was found in Novel-Plus up to 4.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file novel-admin/src/main/java/com/java2nb/novel/controller/FriendLinkController.java of the component Friendly Link Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2023-7171. The attack can be launched remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-7171 | Novel-Plus up to 4.2.0 Friendly Link FriendLinkController.java cross site scripting

Post correlati

CVE-2023-5961 | Moxa ioLogik E1200 up to 3.3 cross-site request forgery

CVE-2024-5443 | parisneo lollms up to 9.7 ExtensionBuilder.build_extension path traversal

CVE-2023-50044 | Cesanta MJS 2.22.0 getprop_builtin_foreign buffer overflow

CVE-2023-51392 | Silabs Ember ZNet SDK up to 7.3.x on 32-bit ARM Software AES-CCM risky encryption