Arbitrary Code Execution via Reflected Cross-Site Scripting (XSS) in dmpop Mejiro Commit Versions Prior To 3096393
CVE-2023-46448 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reflected Cross-Site Scripting (XSS) vulnerability in dmpop Mejiro Commit Versions Prior To 3096393 allows attackers to run arbitrary code via crafted string in metadata of uploaded images.
Learn more about our Web Application Penetration Testing UK.