Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
GibbonEdu Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-45879 - Vulnerability Database
GibbonEdu

GibbonEdu Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-45879

Medium
Reference: CVE-2023-45879
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-45879
Title: GibbonEdu Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

GibbonEdu Gibbon version 25.0.0 allows HTML Injection via an IFRAME element to the Messager component.