AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office.
This issue affects AnyMailing Joomla PluginĀ Enterprise in versions below 8.3.0.
References
Link | Resource |
---|---|
https://www.acymailing.com/change-log/ | Release Notes |
https://www.bugbounty.ch/advisories/CVE-2023-28733 | Third Party Advisory |
Configurations
History
07 Nov 2023, 04:10
Type | Values Removed | Values Added |
---|---|---|
Summary | AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office. This issue affects AnyMailing Joomla PluginĀ Enterprise in versions below 8.3.0. |
Information
Published : 2023-03-30 12:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-28733
Mitre link : CVE-2023-28733
CVE.ORG link : CVE-2023-28733
JSON object : View
Products Affected
acymailing
- acymailing