CVE-2023-7215 | Chanzhaoyu chatgpt-web 2.11.1 Description cross site scripting (Issue 2001)

Inserito da Angelo Barbosa | Gen 5, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Chanzhaoyu chatgpt-web 2.11.1. This issue affects some unknown processing. The manipulation of the argument Description with the input <image src onerror=prompt(document.domain)> leads to cross site scripting.

The identification of this vulnerability is CVE-2023-7215. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2023-7215 | Chanzhaoyu chatgpt-web 2.11.1 Description cross site scripting (Issue 2001)

Post correlati

CVE-2024-25312 | code-projects Simple School Management System 1.0 School/sub_delete.php id sql injection

CVE-2024-21840 | Hitachi Storage Plug-in for VMware vCenter up to 04.9.2 default permission (hitachi-sec-2024-108)

CVE-2024-1868 | G Data Total Security link following

CVE-2024-32807 | Brevo for WooCommerce Sendinblue Plugin up to 4.0.17 on WordPress path traversal