CVE-2023-41657

Name of the Vulnerable Software and Affected Versions Groundhogg Inc. HollerBox plugin versions <= 2.3.2

Description The issue is related to an Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with administrative access can inject malicious scripts into the application, potentially leading to unauthorized actions. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations For Groundhogg Inc. HollerBox plugin versions <= 2.3.2, update to a version higher than 2.3.2 to resolve the issue. At the moment, there is no information about additional mitigation measures.