Description
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Category Creation Name Field.
Remediation
References
https://www.esecforte.com/cve-2023-40815-html-injection-category/
Related Vulnerabilities
CVE-2018-9206 Vulnerability in maven package org.webjars.bower:blueimp-file-upload
CVE-2020-7642 Vulnerability in maven package org.webjars.bowergithub.afarkas:lazysizes
CVE-2020-28282 Vulnerability in npm package getobject
CVE-2022-0219 Vulnerability in maven package io.github.skylot:jadx-core
CVE-2020-14966 Vulnerability in maven package org.webjars.bower:jsrsasign