1 results (0.002 seconds)
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2023-37790 – Clarity PPM 14.3.0.298 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2023-37790
Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function. Se descubrió que Jaspersoft Clarity PPM versión 14.3.0.298 contenía una vulnerabilidad de carga de archivos arbitraria a través de la función de Carga de Imágenes de Perfil. Clarity PPM version 14.3.0.298 suffers from a persistent cross site scripting vulnerability. • https://github.com/kaizensecurity/CVE-2023-37790 https://packetstormsecurity.com/files/173508/Clarity-PPM-14.3.0.298-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •