One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 8312296 |
| Date de publication | 2023-02-21 20:15:12 (vue: 2023-02-21 23:07:07) |
| Titre | CVE-2023-0942 |
| Texte | The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. |
| Notes | |
| Envoyé | Oui |
| Condensat | 0942 2023 action arbitrary attackers can clicking cross cve due escaping execute including inject input insufficient japanized link makes output pages parameter performing plugin possible reflected sanitization scripting scripts site successfully such trick unauthenticated user versions vulnerable web woocommerce wordpress ‘tab’ |
| Tags | |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.