Headline
GHSA-hhjm-mpmf-cxg9: Microweber vulnerable to stored cross-site scripting (XSS) via X-Forwarded-For header
microweber/microweber prior to 1.3.3 is vulnerable to stored cross-site scripting (XSS) via the X-Forwarded-For header. This was fixed in version 1.3.3.
Microweber vulnerable to stored cross-site scripting (XSS) via X-Forwarded-For header
High severity GitHub Reviewed Published Apr 5, 2023 to the GitHub Advisory Database • Updated Apr 6, 2023
Related news
CVE-2023-1881: Stored XSS From Visitor to Acc Takeover in microweber
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.