CVE-2023-31285

Vulnerability Description

An XSS issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. When users upload temporary files, some specific file endings are not allowed, but it is possible to upload .html or .htm files containing an XSS payload. The resulting link can be sent to an administrator user.

Vulnerability Details

Published Date

April 27, 2023

Last Modified

January 31, 2025

Source

NVD

CVE-2023-31285

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment