Security Advisory
CVE-2023-38911
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Gallery parameter in the YouTube URL fields.