CVE-2023-43875 Information

Description

Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost dbname dbuser adminusername and adminemail.

Reference

https://github.com/sromanhu/Subrion-CMS-Reflected-XSS—Installation/blob/main/README.md https://github.com/sromanhu/CVE-2023-43875-Subrion-CMS-Reflected-XSS—Installation/blob/main/README.md