First published: Sat Nov 18 2023(Updated: )
OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field.
Affected Software | Affected Version | How to fix |
---|---|---|
maven/org.opencrx:opencrx-core-models | <=5.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for OpenCRX version 5.2.0 HTML injection via Activity Milestone Name Field is GHSA-qjmx-q5m4-xqf5.
OpenCRX version 5.2.0 is affected by this vulnerability.
The severity level of the vulnerability GHSA-qjmx-q5m4-xqf5 is not specified in the provided information.
To fix the vulnerability GHSA-qjmx-q5m4-xqf5 in OpenCRX version 5.2.0, it is recommended to update to a patched version or apply the necessary security patches provided by the vendor.
More information about vulnerability GHSA-qjmx-q5m4-xqf5 can be found in the NIST National Vulnerability Database (NVD) at https://nvd.nist.gov/vuln/detail/CVE-2023-40816 and in the GitHub advisory at https://github.com/advisories/GHSA-qjmx-q5m4-xqf5.