Description
OpenCRX version 5.2.0 is vulnerable to HTML injection via Product Name Field.
Remediation
References
https://www.esecforte.com/cve-2023-40810-html-injection-product-creation/
Related Vulnerabilities
CVE-2023-36665 Vulnerability in maven package org.webjars.npm:protobufjs
CVE-2022-28367 Vulnerability in maven package org.owasp.antisamy:antisamy
CVE-2021-23430 Vulnerability in npm package startserver
CVE-2020-2229 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-43409 Vulnerability in maven package org.jenkins-ci.plugins.workflow:workflow-support