CVE-2023-43876

Published
View on NVD ↗
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.

sromanhu/CVE-2023-43876-October-CMS-Reflected-XSS---Installation
sromanhu/CVE-2023-43876-October-CMS-Reflected-XSS---Installation
October CMS 3.4.16 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.
GitHubGitHub