HomePentest-Tools.com Logo

ChurchCRM 4.5.3 - Cross-Site Scripting CVE-2023-26843

Severity
CVSSv3 Score
5.4
Vulnerability description

A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php.\n

Risk description

No risk description to display.

Recommendation

Upgrade to a patched version of ChurchCRM or apply the necessary security patches to mitigate the XSS vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Apr 25, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available