CVE-2023-29998
- Reference to the description:
- Description:
- A Cross-site scripting (XSS) vulnerability in the content editor in Gis3W g3w-suite 3.5 allows remote authenticated users to inject arbitrary web script or HTML and gain privileges via the description parameter.
- Last updated date:
- 07/14/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/14/2023
- Reference url to background
https://labs.yarix.com/2023/07/gis3w-persistent-xss-in-g3wsuite-3-5-cve-2023-29998/