Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the 'Mercury' template. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload to a victim and partially take control of their browsing session.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2023-12-13T10:52:01.743Z
Updated: 2024-08-02T08:28:21.815Z
Reserved: 2023-11-29T10:30:51.994Z
Link: CVE-2023-6379
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-13T11:15:07.100
Modified: 2023-12-15T20:33:49.850
Link: CVE-2023-6379
Redhat
No data.