CVE-2023-47380: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Admidio v4.2.12 and below is vulnerable to Cross Site Scripting (XSS).
References
- github.com/Admidio/admidio/releases/tag/v4.2.13
- github.com/advisories/GHSA-vm4p-gh82-xq96
- nvd.nist.gov/vuln/detail/CVE-2023-47380
- www.admidio.org/intern/adm_program/modules/announcements/announcements.php?ann_uuid=714ead2b-1718-4251-a9a3-f1b0df12d60e&headline=Blog
- www.getastra.com/blog/security-audit/reflected-xss-vulnerability-in-admidio/
Code Behaviors & Features
Detect and mitigate CVE-2023-47380 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →