Stored Cross Site Scripting (XSS) Vulnerability in Bludit v3.14.1 via SVG File on Site Logo

Stored Cross Site Scripting (XSS) Vulnerability in Bludit v3.14.1 via SVG File on Site Logo

CVE-2023-31698 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration).

Learn more about our On Site Uk Pen Test.