A vulnerability has been identified in Pachno 1.0.6 allowing an authenticated attacker to execute a cross-site scripting (XSS) attack. The vulnerability exists due to inadequate input validation in the Project Description and comments, which enables an attacker to inject malicious java script.
References
Link | Resource |
---|---|
https://github.com/herombey/CVE-2023-47437 | Third Party Advisory |
https://github.com/pachno/pachno | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-27T00:00:00
Updated: 2023-11-27T23:23:48.660921
Reserved: 2023-11-06T00:00:00
Link: CVE-2023-47437
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-28T00:15:07.093
Modified: 2023-12-01T19:48:29.537
Link: CVE-2023-47437
JSON object: View
Redhat Information
No data.
CWE