CHT Security SOC Discovered Vulnerability in an Open-source Platform

Summary

Vulnerability List

[CVE-2023-36118] – XSS

Details

1. XSS

Description

A vulnerability (CVE-2023-36118) was discovered in an external open-source platform. XSS problems in multiple functions had been found among its management page.

Impact

The platform has XSS problems throughout the management page and can be triggered by attackers using simple XSS syntax. This vulnerability can be classified into the A03-Injection type of OWASP TOP 10 2021.

Known Affected Software

• Version 1.0

Credits

• Noflag (CHT Security)