PT-2024-12961 · Softwarex · Softwarex

Published 2024-02-12 · Updated 2024-10-17 · CVE-2023-41703

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SoftwareX (affected versions not specified)

Description

User ID references in mentions within document comments are improperly sanitized, which allows script code to be injected into a user's session when that user works with a malicious document. This could potentially lead to malicious content being executed. No publicly available exploits are known. User-defined content, such as comments and mentions, is now filtered to avoid potentially malicious content.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-41703

Affected Products

Softwarex