mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1.1 KiB
1.1 KiB
CVE-2023-41703
&color=brighgreen)
Description
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avoid potentially malicious content. No publicly available exploits are known.
POC
Reference
- http://packetstormsecurity.com/files/177130/OX-App-Suite-7.10.6-Cross-Site-Scirpting-Denial-Of-Service.html
- http://packetstormsecurity.com/files/177130/OX-App-Suite-7.10.6-Cross-Site-Scirpting-Denial-Of-Service.html
Github
No PoCs found on GitHub currently.