CVE-2023-4829: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

October 13, 2023 (updated October 17, 2023)

Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22.

References

github.com/advisories/GHSA-cvwv-h85m-w37h
github.com/froxlor/froxlor/commit/4711a414360782fe4fc94f7c25027077cbcdf73d
huntr.dev/bounties/babd73ca-6c80-4145-8c7d-33a883fe606b
nvd.nist.gov/vuln/detail/CVE-2023-4829

Code Behaviors & Features

Detect and mitigate CVE-2023-4829 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →