Moderate severityNVD Advisory· Published May 16, 2023· Updated Jan 23, 2025
CVE-2023-31544
CVE-2023-31544
Description
A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.opencms:opencms-coreMaven | < 11.0.1 | 11.0.1 |
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.