Security Advisory

CVE-2023-53938

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-18 19:53:34
Last updated 2026-04-07 14:07:57
Assigner VulnCheck
State PUBLISHED

Description

RockMongo 1.1.7 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple unencoded input parameters. Attackers can exploit the vulnerability by submitting crafted payloads in database, collection, and login parameters to execute arbitrary JavaScript in victims browser.