Unrated severityNVD Advisory· Published May 23, 2023· Updated Jan 31, 2025
CVE-2023-25440
CVE-2023-25440
Description
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.