CVE-2023-37785 | THREATINT

Description

A cross-site scripting (XSS) vulnerability in ImpressCMS v1.4.5 and before allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the smile_code parameter of the component /editprofile.php.

PUBLISHED Reserved 2023-07-10 | Published 2023-07-13 | Updated 2024-10-30 | Assigner mitre

References

github.com/CrownZTX/cve-description

cve.org (CVE-2023-37785)

nvd.nist.gov (CVE-2023-37785)

Download JSON

help @ threatint.eu