← back
CVE-2023-2109

Cross-site Scripting (XSS) - DOM in chatwoot/chatwoot

CVSS 5.3 MEDIUMEPSS 0.4%CWE-79
Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.14.0.
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected products
chatwoot · chatwoot/chatwoot

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/chatwoot/chatwoot/commit/a06a5a574ad908b0ef2db7b47d05c3774eeb493dhttps://huntr.dev/bounties/fd5999fd-b1fd-44b4-ae2e-8f95b5c3d1b6