CVE-2023-5052 Information

Description

vulnerability in Uniform Server Zero version 10.2.5 consisting of an XSS through the /us_extra/phpinfo.php page. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and partially take over their session details.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-xss-uniform-server-zero