CVE-2023-2259

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions alfio-event/alf.io versions prior to 2.0-M4-2304

Description The issue is related to the improper neutralization of special elements used in a template engine. This problem affects the GitHub repository alfio-event/alf.io.

Recommendations For versions prior to 2.0-M4-2304, update to version 2.0-M4-2304 or later to resolve the issue.

Exploit

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1336CWE-94

Related Identifiers

CVE-2023-2259

Affected Products

Alf.Io

CVE-2023-2259

Weakness Enumeration

Related Identifiers

Affected Products

References · 8