CVE-2023-49186

Name of the Vulnerable Software and Affected Versions KlbTheme Machic Core versions prior to 1.2.7

Description Improper neutralization of input during web page generation allows DOM-Based Cross-site Scripting (XSS), a flaw where an application contains client-side JavaScript that processes data from an untrusted source in an unsafe way, typically updating the document object model (DOM).

Recommendations Update to a version newer than 1.2.6.