Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
GibbonEdu Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-45879 - Vulnerability Database
GibbonEdu

GibbonEdu Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-45879

Medium
Reference: CVE-2023-45879
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-45879
Title: GibbonEdu Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

GibbonEdu Gibbon version 25.0.0 allows HTML Injection via an IFRAME element to the Messager component.