| ID | CVE-2023-52265 | ||||||
| Sažetak | IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | ||||||
| Zadnje važnije ažuriranje | 20-11-2024 - 19:56 | ||||||
| Objavljeno | 30-12-2023 - 23:15 |
