CVE-2023-22425

Name of the Vulnerable Software and Affected Versions SHIRASAGI versions 1.16.2 and earlier

Description The issue allows a remote authenticated attacker to inject an arbitrary script due to a stored cross-site scripting vulnerability in the Schedule function.

Recommendations For SHIRASAGI versions 1.16.2 and earlier, consider disabling the Schedule function until a patch is available to prevent exploitation. Restrict access to the Schedule function to minimize the risk of arbitrary script injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.