Cross Site Scripting Vulnerability in ProjeQtOr Web Application
CVE-2023-49034

6.1 MEDIUM

Key Information:

Vendor: ProjeQtOr

Status
Vendor
CVE Published: 20 February 2024

What is CVE-2023-49034?

A Cross Site Scripting (XSS) vulnerability exists in ProjeQtOr version 11.0.2 that enables attackers to execute arbitrary code. By injecting a crafted script into the 'thecheckvalidHtmlText' function through the ack.php and security.php files, a remote attacker can manipulate the application context, leading to potential security breaches and unauthorized access. This vulnerability highlights the importance of sanitizing user inputs and implementing robust security measures within web applications.

CVSS V3.1

Score: 6.1
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
