CVE-2023-46081

Name of the Vulnerable Software and Affected Versions Lavacode Lava Directory Manager plugin versions <= 1.1.34

Description The issue is related to an Unauth. Stored Cross-Site Scripting (XSS) vulnerability. This allows for the storage of malicious scripts that can be executed by other users, potentially leading to unauthorized actions. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions <= 1.1.34, update to a version greater than 1.1.34 to resolve the issue. At the moment, there is no information about additional mitigation measures or workarounds for this vulnerability.