CVE-2023-23756

State: PUBLISHED · Published: 2023-07-11 · Updated: 2024-11-26 · Assigner: Joomla

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.

CWE

CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected

advcomsys.com / oneVote component for Joomla — v=1.7.0 [affected]

CVSS

(none)

References

https://extensions.joomla.org/vulnerable-extensions/vulnerable/one-vote-1-7-xss-cross-site-scripting/ third-party-advisory

Source

cvelistV5-main/cves/2023/23xxx/CVE-2023-23756.json