HTML Injection Vulnerability in SpringbootCMS 1.0 Allows for Remote Code Execution and Cookie Theft
CVE-2023-43191 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
SpringbootCMS 1.0 foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker, such as cookie theft
Learn more about our Cms Pen Testing.