Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Unrestricted Upload of File with Dangerous Type vulnerability in Awsm Innovations Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files allows Stored XSS via upload of SVG and HTML files. This issue affects Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin <= 2.7.1 versions.
References
Configurations
History
07 Nov 2023, 04:07
Type | Values Removed | Values Added |
---|---|---|
Summary | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Unrestricted Upload of File with Dangerous Type vulnerability in Awsm Innovations Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files allows Stored XSS via upload of SVG and HTML files. This issue affects Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin <= 2.7.1 versions. |
Information
Published : 2023-03-23 17:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-23707
Mitre link : CVE-2023-23707
CVE.ORG link : CVE-2023-23707
JSON object : View
Products Affected
awsm
- embed_any_document