CVE-2023-25440 Information

May 24, 2023 cve

Description

Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1 allows attackers to execute arbitrary code in first/second name field.

Reference

https://packetstormsecurity.com/files/172470/CiviCRM-5.59.alpha1-Cross-Site-Scripting.html https://civicrm.org/

Share on: