Security Advisory

CVE-2023-54341

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-13 22:52:10

Last updated 2026-03-05 01:29:46

Assigner VulnCheck

State PUBLISHED

Description

Webgrind 1.1 and before contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts via the file parameter in index.php. The application does not sufficiently encode user-controlled inputs, allowing attackers to execute arbitrary JavaScript in victims browsers by crafting malicious URLs.

← Browse all CVEs View on cve.org ↗