First published: Sat Nov 18 2023(Updated: )
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Group Name Field.
Credit: email@example.com firstname.lastname@example.org
|Affected Software||Affected Version||How to fix|
CVE-2023-40812 is a vulnerability in OpenCRX version 5.2.0 that allows for HTML injection via the Accounts Group Name Field.
CVE-2023-40812 affects OpenCRX version 5.2.0 by allowing an attacker to inject HTML code via the Accounts Group Name Field, which can potentially lead to various security risks.
The severity of CVE-2023-40812 is dependent on the context in which the injected HTML code is executed, but it has the potential to lead to unauthorized access, data leakage, or other security issues.
To fix CVE-2023-40812 in OpenCRX version 5.2.0, it is recommended to apply the latest patches or updates provided by the vendor, or consider upgrading to a newer version that addresses the vulnerability.
More information about CVE-2023-40812 can be found at the following references: [https://www.esecforte.com/cve-2023-40812-html-injection-accounts-group/](https://www.esecforte.com/cve-2023-40812-html-injection-accounts-group/), [https://nvd.nist.gov/vuln/detail/CVE-2023-40812](https://nvd.nist.gov/vuln/detail/CVE-2023-40812), [https://github.com/advisories/GHSA-3g79-j8hq-r4xv](https://github.com/advisories/GHSA-3g79-j8hq-r4xv).