One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 8315456 |
| Date de publication | 2023-03-03 22:15:09 (vue: 2023-03-04 00:06:57) |
| Titre | CVE-2023-0968 |
| Texte | The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'email', 'points', and 'date' parameters in versions up to, and including, 3.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. |
| Notes | |
| Envoyé | Oui |
| Condensat | 0968 2023 action arbitrary attackers can clicking cross cve date due email escaping execute including inject input insufficient link makes output pages parameters performing plugin points possible quiz reflected sanitization scripting scripts site successfully such trick unauthenticated user versions vulnerable watu web wordpress ‘dn’ |
| Tags | |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.