CVE-2023-49117
N/A
N/A
Summary
PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Alfasado Inc. | PowerCMS (PowerCMS 6 Series) | 6.31 and earlier | affected |
| Alfasado Inc. | PowerCMS (PowerCMS 5 Series) | 5.24 and earlier | affected |
| Alfasado Inc. | PowerCMS (PowerCMS 4 Series) | 4.54 and earlier | affected |
Weaknesses
- Cross-site scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.