Description
Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.5 allows a remote attacker to obtain sensitive information via a crafted scripts to the Admin Panel.
Remediation
References
https://devhub.checkmarx.com/cve-details/cve-2023-46499/
https://devhub.checkmarx.com/cve-details/Cx0f8b38be-d5de/
Related Vulnerabilities
CVE-2023-46657 Vulnerability in maven package org.jenkins-ci.plugins:gogs-webhook
CVE-2019-1351 Vulnerability in npm package nodegit
CVE-2023-47324 Vulnerability in maven package org.silverpeas.core:silverpeas-core-api
CVE-2021-36373 Vulnerability in maven package org.apache.ant:ant
CVE-2020-19698 Vulnerability in maven package org.webjars.bower:editor.md