Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-3862-fmr3-4f3h: Broadleaf vulnerable to Cross-site Scripting

Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.7-GA.

ghsa
#xss#vulnerability#git

Broadleaf vulnerable to Cross-site Scripting

Moderate severity GitHub Reviewed Published Jun 21, 2023 to the GitHub Advisory Database • Updated Jun 21, 2023

Related news

CVE-2023-33725: Burptrast/docs/CVE-2023-33725 at main · Contrast-Security-OSS/Burptrast

Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.6.1-GA.