CVE-2023-31544

Published: 2023-05-16T21:15Z

Last Modified: 2025-01-23T18:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt