CVE-2023-40674

Name of the Vulnerable Software and Affected Versions Lasso Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management versions n/a through 118

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS, where an attacker can inject malicious scripts into a website, potentially affecting users who visit the compromised page.

Recommendations For versions n/a through 118, update to a version that addresses the Stored XSS issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.