Improper Input Validation
CVE-2023-28733
Summary
AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office. This issue affects AnyMailing Joomla PluginĀ Enterprise in versions below 8.3.0.
- LOW
- NETWORK
- LOW
- CHANGED
- NONE
- NONE
- LOW
- NONE
CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
References
Advisory Timeline
- Published