CVE-2023-27150

Description

openCRX 5.2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name field after creation of a Tracker in Manage Activity.

Affected packages (1)

• Maven/org.opencrx:opencrx-corefrom 0, <= 5.2.0

CVSS scores

References (4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-27150
• PATCHhttps://github.com/opencrx/opencrx
• WEBhttps://www.esecforte.com/cve-2023-27150-cross-site-scripting-xss
• WEBhttps://www.opencrx.org