Medium severity5.9NVD Advisory· Published Mar 23, 2023· Updated Jun 17, 2026
CVE-2023-23707
CVE-2023-23707
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Unrestricted Upload of File with Dangerous Type vulnerability in Awsm Innovations Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files allows Stored XSS via upload of SVG and HTML files. This issue affects Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin <= 2.7.1 versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2.7.1
- Awsm Innovations/Embed Any Document – Embed PDF, Word, PowerPoint and Excel Filesv5Range: n/a
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.