CVE-2023-2103: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

April 15, 2023 (updated April 24, 2023)

Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.

References

github.com/advisories/GHSA-7m8r-gmc3-3p4v
github.com/alextselegidis/easyappointments/commit/46a865300e94c7031cc0e315d95d3e3e56768498
huntr.dev/bounties/1df09505-9923-43b9-82ef-15d94bc3f9dc
nvd.nist.gov/vuln/detail/CVE-2023-2103

Code Behaviors & Features

Detect and mitigate CVE-2023-2103 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →