Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.6.1-GA.
References
Link | Resource |
---|---|
https://github.com/Contrast-Security-OSS/Burptrast/tree/main/docs/CVE-2023-33725 | Exploit Mitigation Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-06-21T00:00:00
Updated: 2023-06-21T00:00:00
Reserved: 2023-05-22T00:00:00
Link: CVE-2023-33725
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-21T16:15:11.413
Modified: 2023-07-05T15:52:44.110
Link: CVE-2023-33725
JSON object: View
Redhat Information
No data.
CWE