Tanguy-Boisset/CVE

Releases0

A bunch of CVE and PoC

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-52059 ↗	Feb 13, 2024Tuesday, 13 February 2024, 01:15	5.4 MEDIUM	—
A cross-site scripting (XSS) vulnerability in Gestsup v3.2.46 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field.
CVE-2023-52060 ↗	Feb 13, 2024Tuesday, 13 February 2024, 01:15	4.3 MEDIUM	—
A Cross-Site Request Forgery (CSRF) in Gestsup v3.2.46 allows attackers to arbitrarily edit user profile information via a crafted request.