CVE-2023-22849

Posted on by admin

CVE-2023-22849

An improper neutralization of input during web page generation (‘Cross-site Scripting’) [CWE-79] vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in multiple features. Upgrade to Apache Sling App CMS >= 1.1.6

Source: CVE-2023-22849

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다