Description
The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail message).
References
www.openwall.com/lists/oss-security/2024/05/16/3
www.openwall.com/lists/oss-security/2024/05/16/3 ([oss-security] 20240516 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package)
seclists.org/fulldisclosure/2024/May/27 (20240520 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package)
www.openwall.com/lists/oss-security/2024/05/16/3
www.openwall.com/lists/oss-security/2024/05/16/3 ([oss-security] 20240516 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package)
seclists.org/fulldisclosure/2024/May/27 (20240520 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package)