CVE-2023-36223 Information

Description

Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function.

Reference

http://bbs-go.com https://github.com/mlogclub/bbs-go https://github.com/mlogclub/bbs-go/issues/208