One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 8318157 |
| Date de publication | 2023-03-13 17:15:12 (vue: 2023-03-13 19:07:12) |
| Titre | CVE-2023-0538 |
| Texte | The Campaign URL Builder WordPress plugin before 1.8.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks |
| Notes | |
| Envoyé | Oui |
| Condensat | 0538 2023 above allow attacks attributes back before builder campaign contributor could cross cve does embed escape its not outputting page/post perform plugin role scripting shortcode site some stored them url users validate where which wordpress |
| Tags | |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.