HomePentest-Tools.com Logo

ChurchCRM v4.5.3 - Cross-Site Scripting CVE-2023-31548

Severity
CVSSv3 Score
5.4
Vulnerability description

A stored Cross-site scripting (XSS) vulnerability in the FundRaiserEditor.php component of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.\n

Risk description

No risk description to display.

Recommendation

To remediate this issue, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
May 31, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available