CVE-2023-1881: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

April 5, 2023 (updated April 6, 2023)

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.

References

github.com/advisories/GHSA-hhjm-mpmf-cxg9
github.com/microweber/microweber/commit/8d039de2d615956f6df8df0bb1045ff3be88f183
huntr.dev/bounties/d5ebc2bd-8638-41c4-bf72-7c906c601344
nvd.nist.gov/vuln/detail/CVE-2023-1881

Code Behaviors & Features

Detect and mitigate CVE-2023-1881 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →