CVE-2023-44769: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

October 25, 2023 (updated November 1, 2023)

A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Spare aliases from Alias.

References

github.com/sromanhu/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias/tree/main
github.com/sromanhu/ZenarioCMS--Reflected-XSS---Alias/tree/main
nvd.nist.gov/vuln/detail/CVE-2023-44769

Detect and mitigate CVE-2023-44769 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →