mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 10:17:57 +00:00
992 B
992 B
CVE-2023-47861
&color=brighgreen)
Description
A cross-site scripting (xss) vulnerability exists in the channelBody.php user name functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnerability.
POC
Reference
- https://talosintelligence.com/vulnerability_reports/TALOS-2023-1884
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1884
Github
No PoCs found on GitHub currently.