Medium severity6.1NVD Advisory· Published Oct 14, 2023· Updated Jun 12, 2026

CVE-2023-30148

Description

Multiple Stored Cross Site Scripting (XSS) vulnerabilities in Opart opartmultihtmlblock before version 2.0.12 and Opart multihtmlblock* version 1.0.0, allows remote authenticated users to inject arbitrary web script or HTML via the body_text or body_text_rude field in /sourcefiles/BlockhtmlClass.php and /sourcefiles/blockhtml.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Store Opart/Multi HTML Block
cpe:2.3:a:store-opart:multi_html_block:*:*:*:*:*:prestashop:*:*
Range: <2.0.12
Opart/opartmultihtmlblockdescription
Prestashop/opartmultihtmlblockllm-fuzzy
Range: < 2.0.12

Patches

Vulnerability mechanics

References

security.friendsofpresta.org/modules/2023/10/10/opartmultihtmlblock.htmlnvdPatchThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000